![Page 1: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/1.jpg)
National Framework for Digital Forensics: Bangladesh Context
Forensics Geeks:
- Md. Safiuddin Russel
- Md. Abu Taher Dulal
- Md. Masud Parvez
- Rajib Mahmud
- Hasan Al Monsur
![Page 2: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/2.jpg)
Md. Safiuddin Russel
- Preface... Digitization in our daily life
- The Need For Digital Forensics Investigation Framework
- Objectives
![Page 3: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/3.jpg)
Preface... Digitization in our daily life
Bangladesh has a young and rapidly growing population of 160 million. According to the BASIS 2012 survey, the ICT industry is consistently growing at 20% to 30% per year. Most of our IT investment is focused on the financial, telecom and government sectors. Nowadays we cannot imagine a day without information technology, as we are living in the Information Age. We have very quickly become accustomed to keeping and using digital information. While we keep our processed data on different digital media, security is one of the key issues in contemporary computing and is relevant to a wide range of activities, including software development, networking and systems. Some people take advantage of this loosely implemented security and become involved in different crimes. Our objective in this project is to build a Digital Forensics Framework that covers Policy and Standards and gives a future Guideline for investigation and presentation to law enforcement agencies.
![Page 4: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/4.jpg)
The Need For Digital Forensics Investigation Framework
- The prevention of further malicious events occurring against the intended "target".
- The successful tracing back of the events that occurred which led to the crime, and determining the guilty parties involved.
- Bringing the perpetrators of the crime to justice.
- The improvement of current prevention mechanisms in place to prevent such an event from occurring again.
- Improving standards used by corporate security professionals to secure their respective corporate networks.
- How everyone "plugged" into this digital environment can increase their awareness about current vulnerabilities and prevention measures.
![Page 5: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/5.jpg)
Objectives
- Analyzing the vulnerability and consequences of the cybercrime scenario in Bangladesh.
- Prepare a Policy, Standards and Guideline for different digital forensics components and fine-tune them based on the Bangladesh scenario.
- Propose a Generic National Framework for Digital Forensics suitable to map user activity with legal admissibility standards as well as all types of digital crime scene investigations and prosecution of cybercriminals in Bangladesh.
- Validate the proposed Digital Forensics Framework based on the Bangladesh Cyber Crime Information.
![Page 6: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/6.jpg)
Hasan Al Monsur
- Most Popular Existing Digital Forensics Models
- Digital Forensics Frameworks
![Page 7: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/7.jpg)
Existing Digital Forensics Models
- Kruse and Heiser Model: These components focus on maintaining the integrity of the evidence during the investigation. [1] Acquiring the evidence; Authenticating the evidence, and Analyzing the data.
- The United States of America's Department of Justice proposed model [1]: collection; examination; analysis, and reporting.
![Page 8: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/8.jpg)
Existing Digital Forensics Models (Cont.)
- The Scientific Crime Scene Investigation Model proposed by Lee [2]: Recognition; Identification; Individualization, and reconstruction.
- Brian Carrier and Eugene Spafford [3] proposed yet another model that organizes the process into five groups consisting of 17 phases in all: Readiness Phases; Deployment Phases; Physical Crime Scene Investigation Phases; Review Phase; Digital Crime Scene Investigation Phases.
![Page 9: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/9.jpg)
Existing Frameworks
The Digital Forensics Research Working Group (DFRW) developed a framework [4]: Identification; Preservation; Collection; Examination; Analysis; Presentation, and Decision.
![Page 10: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/10.jpg)
Existing Frameworks (Cont.)
Reith proposed Framework [5]: Identification; Preparation; Approach; Strategy; Preservation; Collection; Examination; Analysis; Presentation, and Returning evidence.
![Page 11: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/11.jpg)
Existing Frameworks (Cont.)
Framework proposed by Ciardhuáin [6]: Awareness; Authorization; Planning; Notification; Search for and identify evidence; Collection; Transportation; Storage; Examination; Hypothesis; Presentation; Proof/Defense, and Dissemination.
![Page 12: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/12.jpg)
Md. Abu Taher Dulal
- Proposed Digital Forensics Framework: Bangladesh Context
![Page 13: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/13.jpg)
Proposed Framework
[Diagram labels, in extraction order: Pre Process; Awareness; Authorization; Preparation; Planning; Approach; Approach Strategy; Preservation; Evidence Collection; Transport; Storage; Analysis; Evidence Examination; Hypothesis; Evidence Analysis; Presentation; Presentation / Reporting; Decision / Critics; Post Process; Evidence Returning; Project Close; Send Project to Archive]
![Page 14: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/14.jpg)
Proposed Framework (Cont.)
- Authorization (approval)
- Preparation (intelligence for search, adequate toolkits, operational briefing, task allocation)
- Approach strategy: that develops a procedure to use in order to maximize the collection of untainted evidence while minimizing the impact to the victim.
- Preservation: which involves the isolation, securing and preservation of the state of physical and digital evidence.
- Collection: that entails the recording of the physical scene and duplicate digital evidence using standardized and accepted procedures.
- Examination: which involves an in-depth systematic search of evidence relating to the suspected crime.
- Analysis: which involves determination of the significance, reconstructing fragments of data and drawing conclusions based on evidence found.
- Presentation: that involves the summary and explanation of conclusions.
- Returning evidence: that ensures physical and digital property is returned to proper owner.
![Page 15: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/15.jpg)
Md. Masud Parvez
- Cyber Crime Cases Reported in Bangladesh
- Cases Validate Proposed Digital Forensics Framework.
![Page 16: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/16.jpg)
Cyber Crime Cases Reported in Bangladesh

| Case No. | Case description |
|---|---|
| 01 | To submit a report: a central bank probe blamed the lax monitoring of Sonali Bank's treasury division for the illegal transfer of $250,000 to a Turkish bank. "The treasury division did not even perform its own duty," Bangladesh Bank said in its probe conducted in July last year. In June 2013, the passwords of two officials of the state-run commercial bank's Shilpa Bhaban corporate branch were used to send payment instructions for $250,000 and €250,000 to Sonali Bank UK within a space of five days. |
| 02 | To submit a report: a university teacher posted a comment on Facebook wishing the death of Prime Minister Sheikh Hasina. |
| 03 | Mr. X sent himself spoofed e-mails, which were supposedly from the Euro Lottery Company. These mails informed him that he had won the largest lottery. |
| 04 | Malicious Mail to Foreign Diplomatic Mission and Other VIPs |
| 05 | Use of e-mail for illegal activities |
| 06 | Illegal Prostitution Promotion Sites from Bangladesh |
| 07 | To submit a report on usage of certain computers for making pornography and indecent films. |
![Page 17: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/17.jpg)
Cases Validate Proposed Digital Forensics Framework.

| Case No | Description | Awareness | Authorization | Preparation | Planning | Approach | Preservation | Collection | Transport | Storage | Examination | Hypothesis | Analysis | Presentation | Decision | Returning Evidence |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 01 | Sonali Bank treasury blamed for illegal cash transfer | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y |
| 02 | To submit a report: a university teacher posted a comment on Facebook wishing the death of Prime Minister Sheikh Hasina. | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y |
| 03 | Mr. X sent himself spoofed e-mails, which were supposedly from the Euro Lottery Company. These mails informed him that he had won the largest lottery. | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y |
| 04 | Malicious Mail to Foreign Diplomatic Mission and Other VIPs | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y |
| 05 | Report submission for Illegal Prostitution Promotion Sites from Bangladesh | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y | Y |
| 06 | To check a report on usage of certain computers for making pornography and indecent films. | N | N | N | N | N | N | Y | Y | Y | Y | Y | Y | Y | Y | Y |
![Page 18: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/18.jpg)
Rajib Mahmud
- Challenges
- Expected Outcomes
- Upcoming Activity Plan & Timeline
![Page 19: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/19.jpg)
Challenges
- Device Diversity
- Volume of Evidence
- Video and Rich Media
- Encryption
- Anti-forensics
- Virtualization
- Live Response
- Distributed Evidence
- Usability & Visualization
- Education & Certification
- Embedded Systems
- Corporate Governance & Forensic Readiness
- Monitoring Tools
- Data Volumes
- Counter Forensics
- Networked Evidence
![Page 20: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/20.jpg)
Expected Outcomes
- A Generic National Framework for Digital Forensics Investigation in Bangladesh Context
- Digital Forensics Investigation Process
- Digital Forensics Policies
- Standards for investigation process
- Guideline for Digital Forensics Investigation
![Page 21: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/21.jpg)
Upcoming Activity Plan & Timeline

| SL | Activities | Expected Deadline |
|---|---|---|
| 1 | Preparing a generic Policy for the Bangladesh context based on the framework developed. | April 23, 2015 |
| 2 | Preparing a set of Standards for every component so that digital forensics investigation will proceed in an organized manner. | April 30, 2015 |
| 3 | Proposing a Guideline on how the digital forensics investigation will proceed. | May 05, 2015 |
| 4 | Project Final Presentation | May 08, 2015 |
![Page 22: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/22.jpg)
Reference
[1] Michael Kohn, JHP Eloff and MS Olivier: Framework for a Digital Forensic Investigation, Information and Computer Security Architectures Research Group (ICSA), Department of Computer Science, University of Pretoria.
[2] Casey, E.: Digital Evidence and Computer Crime, 2nd Edition, Elsevier Academic Press, 2004.
[3] Brian Carrier and Eugene H. Spafford: Getting Physical with the Investigative Process, International Journal of Digital Evidence. Fall 2003, Volume 2, Issue 2, 2003.
[4] National Institute of Justice: Results from Tools and Technologies Working Group, Governors Summit on Cybercrime and Cyberterrorism, Princeton NJ, 2002.
[5] Reith, M., Carr, C. and Gunsch, G.: An Examination of Digital Forensic Models, International Journal of Digital Evidence. Fall 2002, Volume 1, Issue 3, 2002.
[6] Ciardhuáin, SO.: An Extended Model of Cybercrime Investigations, International Journal of Digital Evidence. Summer 2004, Volume 3, Issue 1, 2004.
![Page 23: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/23.jpg)
![Page 24: National framework for digital forensics bangladesh context](https://reader035.fdocuments.us/reader035/viewer/2022070522/58eec0981a28ab2d0b8b45bf/html5/thumbnails/24.jpg)
Thank you for your patience