|
|
Areas of cyber-forensics: - getting around passwords
- cracking encrypted files
- tracing the true source of e-mail (and spam)
- tracking people on-line
- tracking software piracy
- recovering deleted data
- data finding (defeating steganography)
- WAV files
- images
- finding "random" information (indicates cryptography)
- finding hidden images
- matching data to the PC that generated it
- matching floppy disk to PC that created it
- matching Word documents to PC that created it
- search techniques
- remotely monitoring a computer
- finding hidden web-sites
- social engineering in chat rooms
- investigative software
- cyber-forensics in the courtroom
- Wipe (1)
Recovering data from hard-drives
| |
- Intrusion Detection Systems as Evidence-Although the main aim of IDSs is to detect intrusions and prompt evasive measures, a further aim can be to supply evidence in criminal and civil proceedings. However the features that make a ID product good at providing early warning may render it less useful as an evidence-acquisition tool.
|
|
