Cyb 205 Digital Forensics Afit 2023
Dr Muktar Bello
Department of Cyber Security
May, 2023
PHILOSOPHICAL QUOTE
INTRODUCTION TO DIGITAL FORENSICS – CYB 205
SOCRATES
GLOBAL
Digital Eco-System
DISCLAIMER
My Views Only.
STATISTICS
• 222 Million
• 3rd Most Populated by 2050
• 3rd Most Affected
• $26.4 Billion
Information
Intelligence
Evidence
BOKO HARAM: ONLINE or OFFLINE
CONTENT FOCUSES ON
•ON-GOING ATTACKS
•OPERATIONAL VICTORIES
•BEHEADING OF HOSTAGES
PREFERENCE OF TRADITIONAL MEDIA
•PRE - 2015
•Audio Cassettes, Leaflets, Open Air Lectures
SOCIAL MEDIA USE INFLUENCED BY:
•INTERNET PENETRATION
•OTHER FACTORS
USE OF SOCIAL MEDIA
•POST - 2015
•YouTube, Twitter & Facebook
TWITTER RESULTS BETWEEN 2012 - 2017
•BOKO HARAM – 159,095
NOT AS SOPHISTICATED AS ISIL
•More Advanced after pledging to ISIL
RISE OF BOKO HARAM– INADEQUATE EXPLANATION
Thurston, A. (2016). ‘The Disease is Unbelief’: Boko Haram’s Religious & Political Worldview
UNODP (2017). A Tool for Terrorism: Exploring How ISIL, Al-SHABAAB And Boko Haram Use Social Media In Africa
• Terrorists Use Wide Range of Platforms: Facebook, Twitter, WhatsApp, Telegram
• Use Social Media to publicise attacks, operational victories, tactics etc
• Online Recruitment Strategy using Social Media
• Role of Social Media complemented by offline peer influences
TERRORISM HALL OF SHAME
CYBER-CRIME CYBER-WARFARE
CYBER-TERRORISM SGBV
WHY DO PEOPLE COMMIT CRIME?
CRIMINOLOGICAL THEORIES
Criminological theories focus on
explaining the causes of crime. They
explain why some people commit a crime,
identify risk factors for committing a crime,
and can focus on how and why certain
laws are created and enforced.
CRIMINOLOGICAL THEORY - RAT
2001 2022
1990 2022
2003
TERRORIST SHOOTING
STATE VS APPLE
• Forensics Investigators Secure the Crime Scene
• Analyst Examines and Analyzes Evidence
• Analyst Testifies in Court as an Expert Witness
DIGITAL EVIDENCE
WHAT TO COLLECT
• Digital & Electronic Evidence
HOW TO COLLECT
• Crime Scene Management; Chain of Custody, SOP & Chain of Custody
HOW/WHAT TO EXAMINE
• Tools
• Link Analysis
• 3rd Party Verification
WHAT TO PRESENT
• Forensics Report, Certificate of Authentication & Supporting Documents (Certified True Copies)
CASE STUDY 3: KILLING OF BOKO HARAM LEADER
• Computers/Hard drives
• Mobile phone/SD cards/SIM cards
• Network Peripherals, Network AP’s
• Internet of Things
• Cloud
• Printers
• Flash Drives
• Emails
• Social Media
• Drones .. ?
DATA TYPES
• Internal
• Access requires removal of battery
• External
• Accessible without battery removal
MOBILE OPERATING SYSTEM
EVOLUTION OF DIGITAL FORENSICS INVESTIGATION
DIGITAL FORENSICS INVESTIGATION MODEL
COLLECTION OF DIGITAL EVIDENCE
COLLECTION
- Identification
- Preservation/Isolation – Faraday Bags (integrity)
- Data Extraction (Imaging)
DOCUMENTATION, EXAMINATION & ANALYSIS
PART 2: EXAMINATION
• Document processes
• Users
• Content Owners
• Investigators
• Service Providers
• Courts & Attorneys
• Law Enforcement
• Companies & Marketers
• The Public
COLLECTION METHODS
• Screen Shots
• Manual Documentation
• Open Source tools (HTTrack)
• Commercial Tools (X1)
• Web service (Pagefreezer)
• Forensic Recovery
• Content subpoena
ETHICAL ISSUES
• Evolving Technical Landscape
• Provider Limitations
• Content Diversity & Volume
• Validated Tools
GENERAL THOUGHTS
• Constant Evolution
• Social Media Crime on the Rise
• Can we monitor SM?
• “Catch me if you can”
• Increasing Privacy Awareness
DOES SOCIAL MEDIA MATTER?
CASE STUDY 5: HUSHPUPPI
• Experience
• Business
• Academic
• Testimonial
• Training
• Certification
• Academic Background
CASE STUDY 6: MILITARY COURT MARTIAL – EXPERT WITNESS
TECHNICAL AUTHORIZATION
QUESTIONING
PRESENTATION OF EVIDENCE IN COURT
• What Lawyers (Prosecutors) should ask?
• Job Designation, Qualification, Schedule of Duties
• What role you played in the investigation?
• What tools and procedures used? ---- Section 84 (2)
• Findings and conclusion.
DIGITAL INNOVATION
01 Artificial Intelligence
03 Forensics Science
04 Evidence Based Policing & Predictive
FUTURISTIC CRIMES
CYBER-ENABLED CRIME.
CYBER-RAPE?
“INDUSTRIAL GENOCIDE”?
FUTURISTIC POLICING
PREVENTION
DOCUMENT CONTROL
Lead Implementers of the ISO 9001 & 17025 Standards
• IMPLEMENTATION OF QUALITY MANAGEMENT SYSTEM (QMS) ISO 9001
• MONITORING & EVALUATING COMPETENCE OF ANALYSTS
• IMPLEMENTATION OF LABORATORY MANAGEMENT SYSTEM (LMS) ISO 17025
A: ASSUME NOTHING
B: BELIEVE NOTHING
C: CHECKING EVERYTHING