computer forensics

computer forensics

[kəm¦pyüd·ər fə′ren·ziks]
(forensic science)
The study of evidence from attacks on computer systems in order to learn what has occurred, how to prevent it from recurring, and the extent of the damage.

computer forensics

The investigation of a computer system believed to be involved in cybercrime. Forensic software provides a variety of tools for investigating a suspect PC. Such programs may copy the entire hard drive to another system for inspection, allowing the original to remain unaltered.

Another utility compares file extensions to the content within the files to determine if they have been camouflaged with phony extensions. For example, an image file might be renamed as a text document and vice versa. In addition, hard drives can be examined for data that has been deleted (see data remanence).
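The extension-versus-content comparison described above can be sketched as follows. This is an added example, not code from the entry or from any forensic product; the signature table and extension map are a small illustrative subset, and the sample files are constructed.

```python
import codecs
import os
import tempfile

# Leading-byte signatures ("magic numbers"); "GIF8" covers GIF87a and GIF89a.
SIGNATURES = [(b"\x89PNG\r\n\x1a\n", "png"), (b"\xff\xd8\xff", "jpeg"), (b"GIF8", "gif"),
              (b"%PDF-", "pdf"), (b"PK\x03\x04", "zip")]
# Extensions considered consistent with each detected content type.
EXPECTED_EXT = {
    "png": {".png"}, "jpeg": {".jpg", ".jpeg"}, "gif": {".gif"},
    "pdf": {".pdf"}, "zip": {".zip", ".docx", ".xlsx", ".jar"},
    "text": {".txt", ".log", ".csv", ".md"},
}

def sniff(head: bytes) -> str:
    """Classify content from its first bytes; 'unknown' if undecided."""
    for magic, kind in SIGNATURES:
        if head.startswith(magic):
            return kind
    if head and b"\x00" not in head:
        try:  # incremental decode tolerates a multibyte char cut at 512 bytes
            codecs.getincrementaldecoder("utf-8")().decode(head, final=False)
            return "text"
        except UnicodeDecodeError:
            pass
    return "unknown"

def check_file(path: str) -> dict:
    with open(path, "rb") as fh:  # read-only: never modify evidence
        head = fh.read(512)
    kind = sniff(head)
    ext = os.path.splitext(path)[1].lower()
    # Unknown content is not flagged: a missing signature proves nothing.
    mismatch = kind != "unknown" and ext not in EXPECTED_EXT[kind]
    return {"ext": ext, "content": kind, "mismatch": mismatch}

def demo() -> dict:
    samples = {  # constructed test data, not real evidence
        "holiday.txt": b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR",  # image posing as text
        "notes.png": b"meeting moved to 10:00\n",                # text posing as image
        "report.pdf": b"%PDF-1.4\n%\xe2\xe3\xcf\xd3\n",          # honest extension
        "blob.bin": b"\x00\x01\x02\x03",                         # no known signature
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return {n: check_file(os.path.join(root, n)) for n in sorted(samples)}

if __name__ == "__main__":
    for name, finding in demo().items():
        print(name, finding)
```

In practice such a check is run against a working copy or a write-blocked image, and a flagged file is a lead for examination rather than proof of concealment.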

Network Forensics
In order to identify attacks, "network forensics" deals with the capture and inspection of packets passing through a selected node in the network. Packets can be inspected on the fly or stored on disk for later analysis. See hidden disk areas, forensically clean, slack space, write blocker, file wipe, IDS, Internet forensics and security event management software.

NIST Phases

The National Institute of Standards and Technology "Guide to Integrating Forensic Techniques into Incident Response" covers four phases, which are briefly summarized below. For the complete 121-page NIST publication, download draft SP 800-86 at http://csrc.nist.gov/publications/nistpubs.

1 - Collection: Identify, label, record and acquire data from possible sources, while preserving the integrity of the data.

2 - Examination: Use manual and automated methods to assess and extract data of particular interest, while preserving the integrity of the data.

3 - Analysis: Use legally justifiable methods and techniques to derive useful information.

4 - Reporting: Describe actions used, explain how tools and procedures were selected, determine what other actions need to be performed, including forensic examination of additional data sources, securing identified vulnerabilities and improving existing security controls. Recommend improvements to policies, guidelines, procedures, tools and other aspects of the forensic process.