APEC ACT Workshop, Santiago, Chile
11th-13th June 2013

Use of IT Resources for Evidence Gathering & Analysis

Raymond SO Wing-keung
Assistant Director
Independent Commission Against Corruption
Hong Kong Special Administrative Region, China

Computing Devices

Social Networking Tools

Every 60 Seconds on the Internet
• 370,000+ Minutes Voice Calls
• 80,000+ Wall Posts
• 510,000+ Comments
• 600+ Videos (25 Hours+) Uploaded
• 168+ Million Emails Sent
• 98,000+ Tweets
• 700,000+ Search Queries
• 100+ New Accounts
• 6,600+ Pictures Uploaded
(Source: Go-Globe.com)

Why Criminals Use IT
• Share information
• Multi-national communication
• Swift action
• Hiding identity
• Processing and storage of large amounts of data
• … ultimately to avoid detection

How do we use IT resources?

Digital Forensics
• Data acquisition, recovery, preservation and examination
• Computer
  – Email
  – Document file…
• Mobile phone
  – Call history
  – Contact list
  – Short message
  – Email
  – Photo
  – WhatsApp

Mobile Digital Forensics Laboratory
• Shielded environment to block communication, e.g. remote wipe

Faraday Bags

Technical Tools
• Data recovery
  – Recover deleted files
• Information analysis
  – Call records
  – SMS
  – Email…
  – WhatsApp

Data Recovery Tool

Call Record Analysis

SMS Analysis

Email Analysis

Multinational Fast Food Managing Director Accepted Bribes

Record Digitization System
• Handled > 100,000 pages of bank statements each year
• Automatic conversion of statements/records in pre-defined templates into Excel files
• Developed by internal IT experts

R. D. S.

Centralized Storage of Digital Exhibits
• Storage Area Network (SAN)
  – Over 250TB storage
  – Connected by fibre channel
• Multiple examiners can work collaboratively on one case

ISP Enquiry
• Internet Service Provider (ISP) may provide
  – Subscriber information
  – Login IP address: for tracing physical location and subscriber information
  – Email content: a court warrant is usually needed
  – How about ISPs or their servers in other jurisdictions?
• Mutual Legal Assistance

Challenges (1): Technical difficulties
• Cloud computing
  – Information and evidence are remotely stored
  – Liaison with online service providers
• Huge data size
  – Storage Area Network (SAN) to keep forensic image
• Data encryption
  – Password cracking tool
  – Chip level data acquisition

Challenges (2): Admissibility of digital evidence
• Local digital evidence
• Foreign digital evidence
• Expert opinion on chain of evidence
• Admissibility of evidence in court trials

The Way Ahead: Capacity Building
• Dedicated expert teams
• Training
• Collaboration with IT counterparts

The Way Ahead: International Cooperation
• Formal Cooperation
  – UNCAC
• Informal Channels
  – APEC

Thank You
www.icac.org.hk