The Regional Computer Forensics Lab System - dfrws · The Regional Computer Forensics Lab System By...
-
Upload
truongduong -
Category
Documents
-
view
220 -
download
0
Transcript of The Regional Computer Forensics Lab System - dfrws · The Regional Computer Forensics Lab System By...
![Page 1: The Regional Computer Forensics Lab System - dfrws · The Regional Computer Forensics Lab System By Sean O'Brien Presented At The Digital Forensic Research Conference DFRWS 2014 USA](https://reader031.fdocuments.us/reader031/viewer/2022022117/5cb2a96088c99331158bf986/html5/thumbnails/1.jpg)
DIGITAL FORENSIC RESEARCH CONFERENCE
The Regional Computer Forensics Lab System
By
Sean O'Brien
Presented At
The Digital Forensic Research Conference
DFRWS 2014 USA Denver, CO (Aug 3rd - 6th)
DFRWS is dedicated to the sharing of knowledge and ideas about digital forensics research. Ever since it organized
the first open workshop devoted to digital forensics in 2001, DFRWS continues to bring academics and practitioners
together in an informal environment. As a non-profit, volunteer organization, DFRWS sponsors technical working
groups, annual conferences and challenges to help drive the direction of research and development.
http:/dfrws.org
![Page 2: The Regional Computer Forensics Lab System - dfrws · The Regional Computer Forensics Lab System By Sean O'Brien Presented At The Digital Forensic Research Conference DFRWS 2014 USA](https://reader031.fdocuments.us/reader031/viewer/2022022117/5cb2a96088c99331158bf986/html5/thumbnails/2.jpg)
Digital'Forensics''
A'Law'Enforcement'Perspec7ve'
Squad'I>5''–''FBI'Denver'Division'
August'5,'2014'
SSA'Sean'K.'O’Brien'
Laboratory'Director'
![Page 3: The Regional Computer Forensics Lab System - dfrws · The Regional Computer Forensics Lab System By Sean O'Brien Presented At The Digital Forensic Research Conference DFRWS 2014 USA](https://reader031.fdocuments.us/reader031/viewer/2022022117/5cb2a96088c99331158bf986/html5/thumbnails/3.jpg)
Mission'='Service'
The'Rocky'Mountain'RCFL'is'a'one'stop,'full'service'forensics'laboratory'and'
training'center'devoted'en7rely'to'the'examina7on'of'digital'evidence'in'
support'of'criminal'and'na7onal'security'inves7ga7ons'such'as:''
• Terrorism/Counter'Intelligence'
• Violent'Crime'
• Computer'Intrusions'
• Child'Exploita7on'• Violent'Crimes'
• Property'Crimes'
• Financial'Crime'
• Training'–'other'law'enforcement'agencies'
• On>site'imaging'
• Most'things'digital'
• Expert'witness'tes7mony'
![Page 4: The Regional Computer Forensics Lab System - dfrws · The Regional Computer Forensics Lab System By Sean O'Brien Presented At The Digital Forensic Research Conference DFRWS 2014 USA](https://reader031.fdocuments.us/reader031/viewer/2022022117/5cb2a96088c99331158bf986/html5/thumbnails/4.jpg)
''''''''The'FBI'Story'–'Digital'Evolu7on'
![Page 5: The Regional Computer Forensics Lab System - dfrws · The Regional Computer Forensics Lab System By Sean O'Brien Presented At The Digital Forensic Research Conference DFRWS 2014 USA](https://reader031.fdocuments.us/reader031/viewer/2022022117/5cb2a96088c99331158bf986/html5/thumbnails/5.jpg)
ASCLD/LAB'Accredita7on'
ISO'17025:2005'
'
'
! 'Standard'Opera7ng'Procedures'(SOP)'
! 'Quality'Assurance'Policy'
! '100%'Technical/Administra7ve'Review'
'
! Expert'Witness'
![Page 6: The Regional Computer Forensics Lab System - dfrws · The Regional Computer Forensics Lab System By Sean O'Brien Presented At The Digital Forensic Research Conference DFRWS 2014 USA](https://reader031.fdocuments.us/reader031/viewer/2022022117/5cb2a96088c99331158bf986/html5/thumbnails/6.jpg)
Par7cipa7ng'Agencies'
• 18th'Judicial'District'DA’s'Office'
• Adams'County'Sheriff’s'Office'
• Arvada'Police'Department'
• Aurora'Police'Department'
• Colorado'Bureau'of'Inves7ga7on'
• Commerce'City'Police'Department'
• Denver'District'Aborney’s'Office'
• Denver'Police'Department'
• Douglas'County'Sheriff’s'Office'
• Federal'Bureau'of'Inves7ga7on'
• Jefferson'County'Sheriff’s'Office'
• Lakewood'Police'Department'
• Libleton'Police'Department'
• Thornton'Police'Department'
![Page 7: The Regional Computer Forensics Lab System - dfrws · The Regional Computer Forensics Lab System By Sean O'Brien Presented At The Digital Forensic Research Conference DFRWS 2014 USA](https://reader031.fdocuments.us/reader031/viewer/2022022117/5cb2a96088c99331158bf986/html5/thumbnails/7.jpg)
FE'Special7es'
• Windows'–'AD'Lab'
• Mac''
• UNIX'/'Linux'• Cell'Phone/Tablet/Camera'
• EnCase'
![Page 8: The Regional Computer Forensics Lab System - dfrws · The Regional Computer Forensics Lab System By Sean O'Brien Presented At The Digital Forensic Research Conference DFRWS 2014 USA](https://reader031.fdocuments.us/reader031/viewer/2022022117/5cb2a96088c99331158bf986/html5/thumbnails/8.jpg)
Cases'by'Classifica7on'
ICAC 47%
Violent Crime 23%
White Collar 17%
![Page 9: The Regional Computer Forensics Lab System - dfrws · The Regional Computer Forensics Lab System By Sean O'Brien Presented At The Digital Forensic Research Conference DFRWS 2014 USA](https://reader031.fdocuments.us/reader031/viewer/2022022117/5cb2a96088c99331158bf986/html5/thumbnails/9.jpg)
'''''Portable'Device'Triage'Strategy'
![Page 10: The Regional Computer Forensics Lab System - dfrws · The Regional Computer Forensics Lab System By Sean O'Brien Presented At The Digital Forensic Research Conference DFRWS 2014 USA](https://reader031.fdocuments.us/reader031/viewer/2022022117/5cb2a96088c99331158bf986/html5/thumbnails/10.jpg)
Notable'Cases'
2009 - Najibullah Zazi, a Colorado resident arrested in a planned terrorist attack on New York City Subways.
2014 Dotson - Denver man sentenced for raping woman he also allegedly tried to kill from jail.
![Page 11: The Regional Computer Forensics Lab System - dfrws · The Regional Computer Forensics Lab System By Sean O'Brien Presented At The Digital Forensic Research Conference DFRWS 2014 USA](https://reader031.fdocuments.us/reader031/viewer/2022022117/5cb2a96088c99331158bf986/html5/thumbnails/11.jpg)
Notable'Cases'
2011 - Marc O'Leary Pled guilty – 327 years.
2012 – Austin Sigg Pled guilty – Life + 86 Years
![Page 12: The Regional Computer Forensics Lab System - dfrws · The Regional Computer Forensics Lab System By Sean O'Brien Presented At The Digital Forensic Research Conference DFRWS 2014 USA](https://reader031.fdocuments.us/reader031/viewer/2022022117/5cb2a96088c99331158bf986/html5/thumbnails/12.jpg)
Ques7ons?'
Rocky Mountain RCFL 9195 E. Mineral Ave
Centennial, CO 80112 303-649-7900
www.rmrcfl.org [email protected]