KEMBAR78
Brief introduction to digital forensics | ODP
Marco Alamanni, profile picture
Uploaded byMarco Alamanni
ODP, PPTX1,398 views

Brief introduction to digital forensics

The video provides an introduction to digital forensics, outlining its definition, applications in criminal and civil investigations, and various sub-branches such as disk and memory forensics. It details the main phases of digital forensics: assessment, acquisition, analysis, and reporting, along with important concepts like the order of volatility and chain of custody. Additionally, the document compares commercial forensic tools with open-source alternatives, highlighting the advantages of using Kali Linux for forensic tasks.

Download as ODP, PPTX
Digital forensics with Kali Linux Marco Alamanni Video 1.2 Brief introduction to digital forensics
In this Video, we are going to take a look at… • Introduction to digital forensics: definition and applications • Phases of digital forensics • Important concepts: Locard's principle, order of volatility, chain of custody • Commercial vs. open source tools
Introduction to digital forensics - definition Digital forensics can be defined as “The use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events [...]”, Digital Forensic Research Workshop (DFRWS), 2001
Introduction to digital forensics - applications ● Main application of digital forensics is in criminal or civil investigations ● Can also be applied to incident response and internal investigations
Introduction to digital forensics – sub-branches Includes various sub-branches, for example: • Disk and filesystem forensics • Memory forensics • Mobile forensics • Network forensics
Phases of digital forensics Main phases of digital forensics (Kruse and Heiser, 2001): ● Assessment ● Acquisition ● Analysis ● Reporting
Phases of digital forensics - Acquisition ● Acquisition involves acquiring a copy or image of the device(s) or data. ● Always mount the device in read-only mode! ● Always verify the integrity of the image!
Phases of digital forensics - Analysis ● Analysis includes extraction and recovery of data from the image and their subsequent examination and interpretation. ● It's the most technical part and we are going to cover it for the major part of the course. ● Always work on the image and not on the original device or data!
Phases of digital forensics - Reporting ● Reporting is about documenting and writing the report of all the forensic job done in the previous phases. ● The final report documents the findings as well as the procedures and tools used. ● Could be very effective for the outcome of the investigation!
Important forensic concepts – Order of volatility ● The order of volatility (OOV) defines the degree of volatility of data. ● For example, data in RAM is more volatile than on hard disk. ● More volatile data should be acquired first.
Important forensic concepts – Locard's principle ● Locard's exchange principle states that every interaction with the crime scene leaves something and make something to be taken away ● This is also true in the digital world and for the forensic examiner too, that should be careful not to corrupt evidence and minimize the effects of her actions.
Important forensic concepts – Locard's principle ● Locard's exchange principle states that every interaction with the crime scene leaves something and make something to be taken away ● This is also true in the digital world and for the forensic examiner too, that should be careful not to corrupt evidence and minimize the effects of her actions.
Important forensic concepts – Chain of custody ● Chain of custody refers to the complete route of the evidence from its identification and collection to its storage and preservation. ● The chain of custody must be properly documented and cannot be broken for the evidence to be admissable in a court.
Commercial vs. open source forensic tools ● Examples of known commercial forensic suites are Guidance Encase, Access Data FTK and ProDiscover. ● But quite expensive, closed source and not available on Linux. ● Open source tools are free and widely accepted by the digital forensic community. ● Kali Linux includes the majority of the forensic open source tools!
Video summary ● Introduction to digital forensics and its applications. ● Description of its main phases. ● Introduction to important forensic concepts. ● Comparison between commercial and open source tools.
Next Video Downloading and installing Kali Linux

More Related Content

PPTX
Mobile Forensics
byprimeteacher32
 
PPTX
Digital forensics
byRoberto Ellis
 
PDF
Digital forensic principles and procedure
bynewbie2019
 
PPTX
Digital forensics
byvishnuv43
 
PDF
CNIT 121: 8 Forensic Duplication
bySam Bowne
 
PPTX
Memory forensics.pptx
by9905234521
 
PPTX
Data Acquisition
byprimeteacher32
 
PPT
Collecting and preserving digital evidence
byOnline
 
Mobile Forensics
byprimeteacher32
 
Digital forensics
byRoberto Ellis
 
Digital forensic principles and procedure
bynewbie2019
 
Digital forensics
byvishnuv43
 
CNIT 121: 8 Forensic Duplication
bySam Bowne
 
Memory forensics.pptx
by9905234521
 
Data Acquisition
byprimeteacher32
 
Collecting and preserving digital evidence
byOnline
 

What's hot

PPTX
Module 02 ftk imager
byParminderKaurBScHons
 
PPT
Digital Forensics
byNicholas Davis
 
PPTX
Digital Forensics
byMithileysh Sathiyanarayanan
 
PDF
Digital Evidence in Computer Forensic Investigations
byFilip Maertens
 
PPTX
Network Forensics
byprimeteacher32
 
PDF
A brief Intro to Digital Forensics
byManik Bhola
 
PPTX
Incident response process
byBhupeshkumar Nanhe
 
PDF
CS6004 Cyber Forensics
byKathirvel Ayyaswamy
 
PDF
Wired and Wireless Network Forensics
bySavvius, Inc
 
PPT
Mobile forensics
bynoorashams
 
PDF
01 Computer Forensics Fundamentals - Notes
byKranthi
 
PPTX
Memory forensics
bySunil Kumar
 
PDF
Current Forensic Tools
byJyothishmathi Institute of Technology and Science Karimnagar
 
PPTX
Digital Forensic ppt
bySuchita Rawat
 
PDF
Incident response methodology
byPiyush Jain
 
PPTX
Legal aspects of digital forensics
byKakshaPatel3
 
PPT
Introduction to computer forensic
byOnline
 
PPT
File Carving
byAakarsh Raj
 
PPTX
Digital forensics ahmed emam
byahmad abdelhafeez
 
PPTX
Introduction to filesystems and computer forensics
byMayank Chaudhari
 
Module 02 ftk imager
byParminderKaurBScHons
 
Digital Forensics
byNicholas Davis
 
Digital Forensics
byMithileysh Sathiyanarayanan
 
Digital Evidence in Computer Forensic Investigations
byFilip Maertens
 
Network Forensics
byprimeteacher32
 
A brief Intro to Digital Forensics
byManik Bhola
 
Incident response process
byBhupeshkumar Nanhe
 
CS6004 Cyber Forensics
byKathirvel Ayyaswamy
 
Wired and Wireless Network Forensics
bySavvius, Inc
 
Mobile forensics
bynoorashams
 
01 Computer Forensics Fundamentals - Notes
byKranthi
 
Memory forensics
bySunil Kumar
 
Current Forensic Tools
byJyothishmathi Institute of Technology and Science Karimnagar
 
Digital Forensic ppt
bySuchita Rawat
 
Incident response methodology
byPiyush Jain
 
Legal aspects of digital forensics
byKakshaPatel3
 
Introduction to computer forensic
byOnline
 
File Carving
byAakarsh Raj
 
Digital forensics ahmed emam
byahmad abdelhafeez
 
Introduction to filesystems and computer forensics
byMayank Chaudhari
 

Similar to Brief introduction to digital forensics

PPTX
Brief introduction to digital forensics
byDetectalix
 
PDF
Debian Linux as a Forensic Workstation
byVipin George
 
PPTX
DIGITAL FORENSICS_PRESENTATION
byAmina Baha
 
PPTX
Forensic Science – Digital Forensics – Digital Evidence – The Digital Forensi...
byManiMaran230751
 
PPTX
ppt for Module 5 cybersecuirty_023501.pptx
byMayuraD1
 
PPT
Lecture2 Introduction to Digital Forensics.ppt
bySurajgroupsvideo
 
PPT
CS426_forensics.ppt
byPrabithGupta1
 
PPT
CS426_forensics_tools to analyse and deve
byvikashagarwal874473
 
PPT
Network Forensics Basic lecture for Everyone
byBurhanKhan774154
 
PPT
CS426_forensics.ppt
byOkviNugroho1
 
PPT
Forensic Lab Development
byamiable_indian
 
DOCX
Cyber&digital forensics report
byyash sawarkar
 
PDF
digital forensics-9 of cyber security.pdf
byAdyakantaSahoo
 
PDF
Final Outline of Forensic Presentation.pdf
byImranKhan423233
 
PPTX
Digital forensics
byyash sawarkar
 
PPTX
Computer Forensics.pptx
byHappyness Mkumbo
 
PPTX
3170725_Unit-1.pptx
byYashPatel132112
 
PDF
Cyber Forensics training by Forensic Academy
byForensic Academy
 
PPTX
Draft current state of digital forensic and data science
byDamir Delija
 
PDF
Introduction to Forensic Research Digital Forensics
bySaanviMisar
 
Brief introduction to digital forensics
byDetectalix
 
Debian Linux as a Forensic Workstation
byVipin George
 
DIGITAL FORENSICS_PRESENTATION
byAmina Baha
 
Forensic Science – Digital Forensics – Digital Evidence – The Digital Forensi...
byManiMaran230751
 
ppt for Module 5 cybersecuirty_023501.pptx
byMayuraD1
 
Lecture2 Introduction to Digital Forensics.ppt
bySurajgroupsvideo
 
CS426_forensics.ppt
byPrabithGupta1
 
CS426_forensics_tools to analyse and deve
byvikashagarwal874473
 
Network Forensics Basic lecture for Everyone
byBurhanKhan774154
 
CS426_forensics.ppt
byOkviNugroho1
 
Forensic Lab Development
byamiable_indian
 
Cyber&digital forensics report
byyash sawarkar
 
digital forensics-9 of cyber security.pdf
byAdyakantaSahoo
 
Final Outline of Forensic Presentation.pdf
byImranKhan423233
 
Digital forensics
byyash sawarkar
 
Computer Forensics.pptx
byHappyness Mkumbo
 
3170725_Unit-1.pptx
byYashPatel132112
 
Cyber Forensics training by Forensic Academy
byForensic Academy
 
Draft current state of digital forensic and data science
byDamir Delija
 
Introduction to Forensic Research Digital Forensics
bySaanviMisar
 

More from Marco Alamanni

ODP
Introduction to memory forensics
byMarco Alamanni
 
ODP
File carving tools
byMarco Alamanni
 
ODP
File carving overview
byMarco Alamanni
 
ODP
Extracting and analyzing browser,email and IM artifacts
byMarco Alamanni
 
ODP
Introduction to forensic imaging
byMarco Alamanni
 
PPT
Oracle Database Vault
byMarco Alamanni
 
PDF
Trust:concetti generali e teoria formale
byMarco Alamanni
 
Introduction to memory forensics
byMarco Alamanni
 
File carving tools
byMarco Alamanni
 
File carving overview
byMarco Alamanni
 
Extracting and analyzing browser,email and IM artifacts
byMarco Alamanni
 
Introduction to forensic imaging
byMarco Alamanni
 
Oracle Database Vault
byMarco Alamanni
 
Trust:concetti generali e teoria formale
byMarco Alamanni
 

Recently uploaded

PDF
ASTC Conference 2025 - Bridging the Gap!
byGareth Oakes
 
PDF
Scraping Amazon Prime Watchlist Data for Viewing Patterns.pdf
byyashpatric
 
PDF
VADY Data Analytics Solutions – Effortless AI-Powered Decision-Making for Eve...
byNewFangledVision
 
DOCX
Comprehensive Guide to SharePoint Consulting Services – Benefits, Process, an...
bySharepoint Designs
 
PDF
Best Tableau Alternatives for Data Analytics and Reporting.pdf
byVarsha Nayak
 
PPTX
Integrated Billing, Accounting & Inventory Solution for MSMEs
byMoving Cloud
 
PPTX
Safe Confined Space Entry Monitoring_ Singapore Experts.pptx
byprasadexiga0
 
PPTX
Standardization of open-source software ISO/IEC 5230:2020 and ISO/IEC 18974:2...
byShane Coughlan
 
DOCX
What Is the Best BI Software Other Than Tableau.docx
byVarsha Nayak
 
PDF
Where Does Your Data Go When You Put In Into A Database_.pdf
byDave Stokes
 
PDF
Privacy-first in-browser Generative AI web apps: offline-ready, future-proof,...
byMaxim Salnikov
 
PPTX
Moving Plone Blob Storage to S3 Object Storage - Plone Conference 2025
byAlin Voinea
 
PPTX
Java Modern Puzzlers, a guide to new programming features
bySimon Ritter
 
PDF
SAP & CTRM Testing Like Never Before
byZoe Gilbert
 
PPT
Lexical and Syntax Analysis top down parsers
bymjmansoori54
 
PDF
Security Architecture Views the FDA Expects — And How to Get Them Right
byICS
 
PDF
The Rise of AI Agents: Powering the Next Industrial Era
byMaxim Salnikov
 
PDF
Safe Confined Space Entry Monitoring_ Singapore Experts.pdf
byprasadexiga0
 
PPTX
Systems Programming Lecture Compute.pptx
byAdekunle25
 
PPSX
Domain Centered Architecture for complex business domains
byRob Vens
 
ASTC Conference 2025 - Bridging the Gap!
byGareth Oakes
 
Scraping Amazon Prime Watchlist Data for Viewing Patterns.pdf
byyashpatric
 
VADY Data Analytics Solutions – Effortless AI-Powered Decision-Making for Eve...
byNewFangledVision
 
Comprehensive Guide to SharePoint Consulting Services – Benefits, Process, an...
bySharepoint Designs
 
Best Tableau Alternatives for Data Analytics and Reporting.pdf
byVarsha Nayak
 
Integrated Billing, Accounting & Inventory Solution for MSMEs
byMoving Cloud
 
Safe Confined Space Entry Monitoring_ Singapore Experts.pptx
byprasadexiga0
 
Standardization of open-source software ISO/IEC 5230:2020 and ISO/IEC 18974:2...
byShane Coughlan
 
What Is the Best BI Software Other Than Tableau.docx
byVarsha Nayak
 
Where Does Your Data Go When You Put In Into A Database_.pdf
byDave Stokes
 
Privacy-first in-browser Generative AI web apps: offline-ready, future-proof,...
byMaxim Salnikov
 
Moving Plone Blob Storage to S3 Object Storage - Plone Conference 2025
byAlin Voinea
 
Java Modern Puzzlers, a guide to new programming features
bySimon Ritter
 
SAP & CTRM Testing Like Never Before
byZoe Gilbert
 
Lexical and Syntax Analysis top down parsers
bymjmansoori54
 
Security Architecture Views the FDA Expects — And How to Get Them Right
byICS
 
The Rise of AI Agents: Powering the Next Industrial Era
byMaxim Salnikov
 
Safe Confined Space Entry Monitoring_ Singapore Experts.pdf
byprasadexiga0
 
Systems Programming Lecture Compute.pptx
byAdekunle25
 
Domain Centered Architecture for complex business domains
byRob Vens
 

Brief introduction to digital forensics

  • 1.
    Digital forensics withKali Linux Marco Alamanni Video 1.2 Brief introduction to digital forensics
  • 2.
    In this Video,we are going to take a look at… • Introduction to digital forensics: definition and applications • Phases of digital forensics • Important concepts: Locard's principle, order of volatility, chain of custody • Commercial vs. open source tools
  • 3.
    Introduction to digitalforensics - definition Digital forensics can be defined as “The use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events [...]”, Digital Forensic Research Workshop (DFRWS), 2001
  • 4.
    Introduction to digitalforensics - applications ● Main application of digital forensics is in criminal or civil investigations ● Can also be applied to incident response and internal investigations
  • 5.
    Introduction to digitalforensics – sub-branches Includes various sub-branches, for example: • Disk and filesystem forensics • Memory forensics • Mobile forensics • Network forensics
  • 6.
    Phases of digitalforensics Main phases of digital forensics (Kruse and Heiser, 2001): ● Assessment ● Acquisition ● Analysis ● Reporting
  • 7.
    Phases of digitalforensics - Acquisition ● Acquisition involves acquiring a copy or image of the device(s) or data. ● Always mount the device in read-only mode! ● Always verify the integrity of the image!
  • 8.
    Phases of digitalforensics - Analysis ● Analysis includes extraction and recovery of data from the image and their subsequent examination and interpretation. ● It's the most technical part and we are going to cover it for the major part of the course. ● Always work on the image and not on the original device or data!
  • 9.
    Phases of digitalforensics - Reporting ● Reporting is about documenting and writing the report of all the forensic job done in the previous phases. ● The final report documents the findings as well as the procedures and tools used. ● Could be very effective for the outcome of the investigation!
  • 10.
    Important forensic concepts– Order of volatility ● The order of volatility (OOV) defines the degree of volatility of data. ● For example, data in RAM is more volatile than on hard disk. ● More volatile data should be acquired first.
  • 11.
    Important forensic concepts– Locard's principle ● Locard's exchange principle states that every interaction with the crime scene leaves something and make something to be taken away ● This is also true in the digital world and for the forensic examiner too, that should be careful not to corrupt evidence and minimize the effects of her actions.
  • 12.
    Important forensic concepts– Locard's principle ● Locard's exchange principle states that every interaction with the crime scene leaves something and make something to be taken away ● This is also true in the digital world and for the forensic examiner too, that should be careful not to corrupt evidence and minimize the effects of her actions.
  • 13.
    Important forensic concepts– Chain of custody ● Chain of custody refers to the complete route of the evidence from its identification and collection to its storage and preservation. ● The chain of custody must be properly documented and cannot be broken for the evidence to be admissable in a court.
  • 14.
    Commercial vs. opensource forensic tools ● Examples of known commercial forensic suites are Guidance Encase, Access Data FTK and ProDiscover. ● But quite expensive, closed source and not available on Linux. ● Open source tools are free and widely accepted by the digital forensic community. ● Kali Linux includes the majority of the forensic open source tools!
  • 15.
    Video summary ● Introduction todigital forensics and its applications. ● Description of its main phases. ● Introduction to important forensic concepts. ● Comparison between commercial and open source tools.
  • 16.
    Next Video Downloading andinstalling Kali Linux