Upload File

digital forensics xinwen fu associate professor department of computer science university of...

  • Home
  • Documents
  • DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell
12
DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell

Upload: edwina-gardner

Post on 17-Dec-2015

219 views

Category:

Documents


0 download

Report

Tags:

TRANSCRIPT

Page 1: DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell

DIGITAL FORENSICS

Xinwen Fu

Associate ProfessorDepartment of Computer Science

University of Massachusetts Lowell

Center for Cyber Forensics, UMass Lowell

Page 2: DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell

Outline

Introduction

Our Network Forensic Toolkits

Conclusion

2

Xinwen Fu

Page 3: DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell

Introduction3

Based on Symantec Internet Security Threat Report 2011 Trends

Symantec blocked more than 5.5 billion attacks in 2011

Over 154 attacks took place per day in Dec. 2011

Attacks skyrocketed by more than 81% compared with 2010

More than 232.4 million identities were exposed

Xinwen Fu

Page 4: DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell

Digital Forensics

Recovery and investigation of material found in digital devices, often in relation to computer crime

Encompassment of the seizure, forensic imaging (acquisition) and analysis of digital media and the production of a report into collected evidence for the benefit of courts or employers (incrimination or exoneration)

4

Digital Forensics

Computer Forensics

Network Forensics

Xinwen Fu

Page 5: DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell

5

Xinwen Fu

Exam

ple

Com

pute

r Fo

rensi

c To

olk

it® (

FTK

®)

Page 6: DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell

Our Research on Network Forensics

3DLoc2

HAWK

Sr RobotLegend:

Mini Helicopter-based Wireless Kit (HAWK)

3D localization and locking toolkit on vehicle (3DLoc2)

Search and rescue robot (Sr Robot)

6

Hand-held Locator (HaLo)

HaLo

Evil

Xinwen Fu

Page 7: DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell

Outline

Introduction

Our Network Forensic Toolkits

Conclusion

7

Xinwen Fu

Page 8: DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell

Demo – HAWK: mini-Helicopter-based Aerial Localization Wireless Kit

8

youtu.be/watch?v=ju86xnHbEq0

Xinwen Fu

http://www.youtube.com/watch?v=ju86xnHbEq0
http://www.youtube.com/watch?v=ju86xnHbEq0
http://www.youtube.com/watch?v=ju86xnHbEq0
http://www.youtube.com/watch?v=ju86xnHbEq0
Page 9: DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell

Demo - HaLo: Hand-held Locator youtu.be/QGhBrt26Q8Y

9

Xinwen Fu

http://youtu.be/QGhBrt26Q8Y
http://youtu.be/QGhBrt26Q8Y
Page 10: DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell

Outline

Introduction

Our Network Forensic Toolkits

Conclusion

10

Xinwen Fu

Page 11: DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell

Conclusion

Digital forensics is the science fighting against cyber crime

We researched and implemented novel network forensic toolkits and demonstrated HAWK – mini-Helcipter-based Aerial Wireless Kit HaLo – Hand-held Locator

We study related laws in Network Forensics

We refine the framework of Network Forensics

11

Xinwen Fu

Page 12: DIGITAL FORENSICS Xinwen Fu Associate Professor Department of Computer Science University of Massachusetts Lowell Center for Cyber Forensics, UMass Lowell

12 Xinwen Fu 12/15Xinwen Fu

Thank you!

Xinwen Fu


91.460.201 & 91.530.202 Selected Topics: Digital Forensics Overview of Intrusion Detection/prevention Xinwen Fu

LOWELL JOURNAL. - Lowell Ledger Archivelowellledger.kdl.org/Lowell Journal/1880/11_November/11-24-1880.pdf · LOWELL JOURNAL LOWELL MICH. A LIKE PAPER IN I LIVE TOWN. TerniH!—ii»1.50

iPhone Forensics Methodology and Tools · Forensics methodologies, iPhone forensics, forensics tools, digital forensics evidence handling, INTRODUCTION iPhone mobile phone is becoming

91.580.203 Computer & Network Forensics Part I: Computer Forensics Chapter 2 Understanding Computer Investigation Xinwen Fu

LOWELL JOURNAL - Kent District Librarylowellledger.kdl.org/Lowell Journal/1890/02_February/02...LOWELL JOURNAL. WEDNESDAY FEBRUARY 19, 1890 Business Cards. LOWELL JOURNAL Q LIUDASirLL

Memory Forensics - publish.illinois.edupublish.illinois.edu/.../files/2014/03/acc-forensics.pdfWhat is Computer Forensics? Mobile Device Forensics Network Forensics Memory & Data Forensics

91.580.203 Computer & Network Forensics Chapter 1 Computer Forensics and Investigations as a Profession Xinwen Fu

Lowell, Robert - Poemas de Robert Lowell

91.460.201 & 91.530.202 Selected Topics: Digital Forensics Xinwen Fu Chapter 8 Macintosh and Linux Boot Processes and File Systems

91.580.203 Computer & Network Forensics FTK Forensic Toolkit Xinwen Fu

Advanced Topic: Memory Imaging Xinwen Fu 91.580.203 Computer & Network Forensics Brian D. Carrier and Joe Grand, A Hardware-Based Memory Acquisition Procedure

LOWELL JOURNAL - Lowell Ledger Archivelowellledger.kdl.org/Lowell Journal/1893/04_April/04-12-1893.pdf · I mm LOWELL JOURNAL Volume 2ft. XTo 4kl. LOWELL. MICH., WEDNESDAY. APHIL

Advanced Topic: Memory Imaging Xinwen Fu 91.460.201 & 91.530.202 Selected Topics: Digital Forensics Brian D. Carrier and Joe Grand, A Hardware-Based Memory

91.204.201 Computing IV Introduction Xinwen Fu. CS@UML By Dr. Xinwen Fu2 2 About Instructor Dr. Xinwen Fu, associate professor of CS@UML Homepage: xinwenfu

The Influence of Extreme News - Xinwen Chen

91.460.201 & 91.530.202 Selected Topics: Digital Forensics Part I: Computer Forensics Chapter 2 Understanding Computer Investigation Xinwen Fu

LOWELL WEEKLY JOURNAL. - Lowell Ledger Archivelowellledger.kdl.org/Lowell Weekly Journal/1871/01_January/01-04... · LOWELL WEEKLY JOURNAL. Office in Oraham's Block, Up Stairs. "Liberty

LOWELL JOURNAL - Lowell Ledger Archivelowellledger.kdl.org/Lowell Journal/1879/02_February/02-26-1879.pdf · lowell journal, pmliihio wiik.lf, il uwell, nukigai, bj jtas. w.uxnb

Forensics & Anti- Forensics

91.580.203 Computer & Network Forensics Computer Physical Security Xinwen Fu

Lowell Courier 6 June 1844 Lowell Courier articles

91.580.203 Computer & Network Forensics Xinwen Fu Chapter 7/8 File Systems - Supplementary Materials

91.580.203 Computer & Network Forensics Xinwen Fu Chapter 7 Working with Windows and DOS Systems

91.460.201 & 91.530.202 SELECTED TOPICS: DIGITAL FORENSICS Xinwen Fu, UMass Lowell, USA Center for Cyber Forensics, UMass Lowell

8JLD1- Penelitian Rahasia Wulin Xinwen Jishi (1-29)

One Cell is Enough to Break Tor’s Anonymity Xinwen Fu University of Massachusetts Lowell Team members Zhen Ling, Southeast University Junzhou Luo, Southeast

LOWELL WEEKLY JOURNAL - Lowell Ledger Archivelowellledger.kdl.org/Lowell Weekly Journal/1871/08_August/08-23... · LOWELL WEEKLY JOURNAL ffice in Graham's Block, ... opposite rcsldenoe

One Cell is Enough to Break Tor’s Anonymity Cell is Enough to Break Tor’s Anonymity Xinwen Fu University of Massachusetts Lowell Team members Zhen Ling, Southeast University Junzhou

DENIS OSIPOV, XINWEN ZHU arXiv:1305.6032v2 [math.AG] 16 …authors.library.caltech.edu/49880/1/1305.6032v2.pdf · 2014. 9. 21. · DENIS OSIPOV, XINWEN ZHU Abstract. We define a

91.460.201 & 91.530.202 Selected Topics: Digital Forensics Chapter 7 Current Computer Forensics Tools Xinwen Fu

COE589: Digital Forensics - ccse.kfupm.edu.saahmadsm/coe589-122/00_Overview_Logisti… · Digital Forensics computer forensics mobile forensics network forensics ... COE589 - Ahmad

2020 ANNUAL REPORT - UMass Lowell | UMass Lowell

91.580.203 Computer & Network Forensics Overview of Intrusion Detection/prevention Xinwen Fu

LOWELL WEEKLY JOURNAL. - Lowell Ledger Archivelowellledger.kdl.org/Lowell Weekly Journal/1871/08_August/08-02... · LOWELL WEEKLY JOURNAL. ... i Rees Bros. ••DEALERS in Dry Goods,

Xinwen Fu Linux Logging Mechanisms 91.580.203 Computer & Network Forensics