...Event-Based Digital Forensic Investigation Framework∗ Brian D. Carrier carrier@cerias.purdue.edu Eugene H. Spafford spaf@cerias.purdue.edu Center for Education and Research in Information Assurance and Security - CERIAS Purdue University West Lafayette, IN 47907 USA Abstract In this paper, we present a framework for digital forensics that includes an investigation process model based on physical crime scene procedures. In this model, each digital device is considered a digital crime scene, which is included in the physical crime scene where it is located. The investigation includes the preservation of the system, the search for digital evidence, and the reconstruction of digital events. The focus of the investigation is on the reconstruction of events using evidence so that hypotheses can be developed and tested. This paper also includes definitions and descriptions of the basic and core concepts that the framework uses. 1 Introduction Since the first Digital Forensic Research Workshop (DFRWS) in 2001 [Pal01], the need for a standard framework has been understood, yet there has been little progress on one that is generally accepted. A framework for digital forensics needs to be flexible enough so that it can support future technologies and different types of incidents. Therefore, it needs to be simple and abstract. On the other hand, if it is too simple and abstract then it is difficult to create tool requirements and test procedures for each phase. For this paper, we have...
Words: 6869 - Pages: 28
...Bus 220: Business Communication and Information Systems M8A1: Final Examination June 20, 2013 1. Explain virtual reality. Provide three examples. Virtual reality (VR) is a system “that enables one or more users to move and react in a computer-simulated environment.” (Stair & Reynolds, 2012, p. 337) Virtual reality applies sights and sounds in an artificial environment where human actions determine to an extent, what occurs inside the environment. Today, virtual reality is used in communication, training, and treatment in a spectrum of areas including the medical field, entertainment, and education. Medical VR systems “provide a new human-computer interaction paradigm in which users are no longer simply external observers of images on a computer screen but are active participants within a computer-generated 3D virtual world.” (G & B, 2002) Inside the world of virtual reality, medial applications such as three dimensional visualization of anatomy, telepresence surgery, complex medical database visualization, rehabilitation, surgical simulators and virtual surgical equipment as well as virtual operating rooms are emerging. Facilitated through computer interface, these medical applications of virtual reality are essential in the field of medicine. These applications allow individuals to learn human anatomy by “flying inside and around organs.” (Satava, 1995) The purpose of VR systems in the medical field is to ultimately develop a digital physician. Virtual...
Words: 2575 - Pages: 11
...DETAIL SOIL INVESTIGATION INTRODUCTION SOIL INVESTIGATION is carried out to design a right type of foundation safely and economically. A designer requires adequate information about the physical properties and the arrangement of the materials underground. The field and laboratory investigations needed to get this necessary information is known as soil exploration. The study of complete soil investigations can be grouped as follows : • Objectives or purposes, • Preliminary investigations, • Methods of site exploration, • Depth and spacing of trial pits and bore holes, • Choice of a method, • Recording of data. The investigation of the geology and previous uses of any site, together with the determination of its engineering, environmental and contamination characteristics is fundamental to both safe and economic development. [pic] SOIL TESTING • Soil tests can be conducted on samples that truly represent the soil at the site. • Soil sampling, testing and test interpretation must be conducted with guidance from specially trained and experienced personnel. • Proper soil testing is proven to be a reliable basis for the design of foundations and commonly used in site investigations to indicate their potential use and limitations. • Based on the premise that the behavior of soil masses under imposed conditions can be predicted if certain soil properties can be measured. • The results of soil tests must be interpreted based on past experience...
Words: 1681 - Pages: 7
...Phases of the traditional Systems Development Life Cycle (SLDC) for Bank ATM Software David Phillip Piña University of Phoenix Abstract This paper will attempt to explain the six different phases in a traditional systems development life cycle for developing software to run a bank’s automatic teller machine (ATM) machine. The input and output for each phase will be clearly outlined. Information from my Week 1 CIS/319 class readings will be used as a guide. Phases of the traditional Systems Development Life Cycle (SLDC) for a Bank ATM The Six Phases According to Moore, W., Nolan, E., & Gillard, “There are six different phases in a traditional systems development life cycle. The first phase is preliminary investigation, the second phase is system study, the third phase is system analysis, the fourth phase is programming and implementation, the fifth phase is support and maintenance, and the sixth phase is documentation”. (2006) According to Computer World, “Stages of the traditional system development lifecycle can be characterized and divided up in different ways, including the following: Project planning, feasibility study: Establishes a high-level view of the intended project and determines its goals. Systems analysis, requirements definition: Refines project goals into defined functions and operation of the intended application. Analyzes end-user information needs. Systems design: Describes desired features and operations in detail, including...
Words: 769 - Pages: 4
...Term Paper: Investigating Data Theft By: Daniel Figueroa Strayer University CIS417 Prof. Curtis Bunch Digital Forensics is an important aspect to computer systems security. I mean we are talking about Identifying, Collecting, Preserving, Analyzing, and Presenting evidence digitally. Therefore, preserving electronic evidence is important. Investigating Data Theft is a malice act towards a company/ organization (Kruse, 2001). Such theft is made by an employee that is either terminated or resigning. Motives for data theft include setting up a competing business, using the information at a new job, sense of ownership of what was created, and revenge against the employer, among other things. Common Theft include, customer information, financial records, software code, email lists, strategic plans, process documents, secret formulas, databases, research and development materials, and employee records. Now, with such theft around, we often wonder how is such theft achieved. Knowing how technology is always advancing each year, the millennium era grows with fascinating knowledge on the know how to working a computer, hard drives, etc. Tools like flash drive, which can hold thousands of documents that can be copied to the flash drive, and taken anywhere. Then you have Dropbox, remote desktop connections, personal email accounts, smart phones, CD’s/DVD’s, and FTP ( File Transfer Protocol ) (Kruse, 2001) There is always this saying, that personnel who steal data often leave...
Words: 1774 - Pages: 8
...Phase 1 (individual) I. DESCRIPTION For this project, you will eventually be working in teams to study and analyze companies in view of what you have learned. Please collect the Handout that describes all the various ratios you will need to calculate. In this first phase you will select an industry and within that industry, identify two companies with similar type operations that you find interesting from a management perspective and for which you feel you have access to financial information. Further, identify another company which is the leader in this industry that you have chosen. Do an initial investigation into this industry and these companies. Get your feet wet, look in the web, read journal articles, magazines, newspaper and find interesting engineering and management features you want to learn more about. Use companies related to other subjects if you want, and most of all, have fun! II. DELIVERABLES Produce a 2 page report describing the industry and each company you have chosen to analyse as well as the industry leader. Give details as to their locations, sizes, operations and any other information you may consider important. Include pictures and graphs as you see fit. Your report should be divided into at least 2 sections: 1 1. Overall description of the industry and the two companies (where, when, why, current status, etc) 2 2. Identify key issues or problems that you regard as unique in each company. Also identify the factors that make the two...
Words: 686 - Pages: 3
...project idea, typically used as input to a project portfolio planning process. The goal | |is to not only capture good ideas for new projects, but also to provide a crisp and consistent format that allows new project ideas to be | |rapidly and systematically compared with projects already in the start queue or in operation. | |Several examples are included to show how a proposal form can be used in the early days of a new project idea. Some proposals are used to get | |new ideas into consideration as potential projects, even when only the idea and sketchy idea of its potential return is known. Other more | |detailed proposals go further to include detailed business justification information and first estimates of costs and benefits, so that | |Executive Management can make decisions about whether to fund the project and when. Examples of both are included. | |Why It’s Useful |...
Words: 1175 - Pages: 5
...Investigational New Drug (IND) review process begins from the time the sponsor files investigation new drug application and the purpose of the review is to confirm the safety and efficacy of the patient for the drug. Moreover in the process of review if the review committee notifies any deficiencies by the new drug then there will be a clinical however if there are no deficiencies the drug will be approved for new drug application and will be under continuous review to make sure , that the drug does not cause any potential harm. This entire step wise process of review is explained in the following paper INVESTIGATIONAL NEW DRUG REVIEW PROCESS The following flow chart gives an overview of the IND review process Applicant (Drug Sponsor) IND Review by CDER Statistical Pharmacology/ Toxicology Medical Chemistry Sponsor Submits New Data Safety Review Safety acceptable for study to proceed Clinical Hold Decision Notify Sponsor Complete reviews Reviews Complete and Acceptable? Sponsor Notified of Deficiencies No Deficiencies Study Ongoing INVESTIGATIONAL NEW DRUG REVIEW PROCESS I. Applicant (Drug sponsor): An applicant or the sponsor is a person or a group who takes responsibility and initiates for the investigation of new drug. A person other than an individual that uses one or more of its own employees to conduct an investigation that it has initiated is a sponsor. The sponsor may be an individual, partnership...
Words: 1524 - Pages: 7
...Introduction to Information Systems Development APRIL 2009 Question 1 a) System Development Life Cycle (SDLC) is one of the commonly used methods for developing information system. Explain what SDLC is. (4 marks) OCTOBER 2009 Question 1 a) Developing information systems is a complex process and requires team effort with different skills and experts. Explain the role of the following team members in relation to SDLC. i) End user ii) Infrastructure analyst iii) System Analyst iv) Project manager (8 marks) OCTOBER 2010 Question 1 a) List the phases that can be found in the systems development life cycle. (5 marks) b) Explain two (2) critics towards the waterfall model of the systems development life cycle. (4 marks) APRIL 2011 Question 1 * An information systems development team needs a mixture of knowledge and skills to successfully build a system. List any four (4) personnel involved in a typical information systems development team. (2 marks) JANUARY 2012 Question 1 a) State the FIVE (5) components of a computer-based information system. (2.5 marks) JUNE 2012 Question 1 a) Systems development life cycle is a series of recommended steps or phases designed as a guideline for developing information system. List any two (2) tasks involved in each of the phases of a systems development life cycle. (5 marks) JANUARY 2013 Question 1 Titan Sdn. Bhd. is planning to develop a new computer based information system...
Words: 3158 - Pages: 13
...Value. It is not too difficult find information about mobile phones vulnerabilities and methods to data recovery, but on the contrary, it is complicated find information about data recovery using professional manners (digital forensic methods). 4.4 Project Interest. The methods and techniques that will be described in this project can be used as guide for digital forensic students, or can also be used to improve the knowledge of digital forensic professionals. 5. METHODOLOGY The methodology used in this research will be divided in different phases, in order to offer a better perspective and understanding with respect to this research. The list of devices used during the investigation is: Nokia C5-00. It was chosen for this research...
Words: 638 - Pages: 3
...Accounting Information System Requirement Chris Leasure XACC/210 October 11, 2013 Accounting Information System Requirement When we are trying to develop the accounting information system effectively, we have to break the process down into phases. The system development life cycle also known as (SDLC) is made up of analysis, design, planning and investigation, implementation, maintenance phases and also follow-ups. The people that work with the accounting information systems are specially trained accountants that way we can be ensure of the accuracy in the company’s financial transactions and also able to keep financial data. With the planning and investigation phase are made up of a team to investigate the current system that is installed and they have to make recommendation to the steering committee. The team’s main goal is to find ways for the user’s request of change and also to improve the existing system. System analysis requires the team to identify the general systems goals, top management systems and also operating management system goals. This is where the team will analyze the information that the organization needs and the system activities, resources and products and also capabilities of the IS that is required to meet the needs of the users. After this phase is done then the team will send the report to the steering committee to see their recommendations. Once everything gets approved then that is when the system design will start. The system design team will...
Words: 423 - Pages: 2
...System Development Plan Axia College of University of Phoenix Management of Information Systems June 10, 2007 There are several phases in a system development plan, which will help The Fitness Center meet its objectives and goals. The key phases to a development plan include investigation, analysis, design, implementation and review and maintenance. Failure to complete each phase in detail may result in an unsuccessful development plan. The Fitness Center has five locations with approximately 650 members and 30 employees at each location. The purpose of a new information system is to provide its members the capability to monitor their exercise activity. This includes the type of exercise, the length of time and the loss or gain of weight and inches. By monitoring such activity, will provide information to both the member and the personal trainer to build an exercise program which best fits the member’s personal needs. A new system will also help the company obtain a competitive advantage over the other fitness clubs throughout the city. A new database will tack all member information, such as name, address, date-of-birth, date of enrollment and if the member is current on their member fees. As well as the member, management will also be able to report on the member’s activity. The reports will indicate which type of equipment is being used, what classes are being participated in and total weekly expenses. Results may indicate management needs to add equipment...
Words: 2602 - Pages: 11
...System Analysis Phase The System Analysis Phase is used to identify requirements for hardware and software components of the proposed system. Our main purpose of the system analysis for Polly's Towing was to identify and document the requirements for an information system to support organizational activities in the payroll and customer billing department. The key output of this phase is a summary document of system/data requirements that explains what the system should be built to, how data should be processed and what technical or support requirements may exist (System Development Life Cycle Policy, 1999, p. 5). During this phase interviews are conducted to identify the needs of the end users. The pros and cons are weighed of the interviews and the requirements are designed based on the information collected. The investigation into Polly’s Towing payroll processing and customer billing system has identified the following requirements: Hardware Requirements • The payroll processing and customer billing application should be run on a computer system and should consider the following specifications: Pentium 4 processor or compatible, 2 GB RAM or more, 250 GB disk space, CD-ROM, at least 2 USB ports, an Ethernet port. • The computer system should support an Inkjet or better printer. • The hardware should have a minimum of a three year warranty. Software Requirements • The application should be stand alone. • The application should be written in Microsoft formats. • The...
Words: 550 - Pages: 3
...sustainability of his business, ensuring that the company has reliable partners (sub-contractors, suppliers, etc.). In particular he is worried about the possibility that the pollution in Atlanta area could be connected to his company directly and then he needs to know how to deal with the problem or indirectly and then he needs to know how to prevent the gossips. In any case he needs to know how to deliver the news to the public without damaging the reputation of his company. 2. The Executive Committee Avoid leakage of the information and activities that can negatively influence the IPO process and decrease the company’s value RESULTS: Do: Undertake the recommended activities to communicate the CDEP findings to the public, the employees and the shareholders .Feel: Relieved and assured – he has the plan how to communicate the news to the public and within the company. Know: the results of the CDEP investigation that the bad ordure and...
Words: 1056 - Pages: 5
...corresponding workloads and required working hours of working students affect their academic performance at EARIST. As a researcher, the main purpose of the study is to know the factors that affect the academic performance of working students. In addition, this paper aims to provide encouragement and motivation to all students especially to those who are financially distressed to pursue and finish a college degree in order to competitive in the future and be able to realize their goals and aspirations. It may also provide learning experiences and information to other students who are not working. In order to accomplish our objectives, we adopted several methodologies in obtaining data and information such as conducting surveys by providing questionnaires to our subjects, getting information in the internet and conducting interviews personally and honestly with our target subjects to get assurance that our data, information and values gathered were correct and accurate. Conceptual framework INPUT PROCESS OUTPUT Analysis of the input through 1. Distribution of questionnaires 2. Data gathering 3. Statistical treatment 4. Analyzing 5. interpreting | Determined Factors Affecting Academic Performance of Working Students of EARIST | Profile of the respondents: a....
Words: 1519 - Pages: 7
