Cyber Crime and Cyber Terrorism




Mismatch - the signature and extension do not match and therefore the file should be checked to identify evidence of manipulation
FILTERING EVIDENCE
It is well known that a hash value is an important tool within any high-tech investigation. Hash values are intrinsic to a forensic investigation; they are initially utilized to verify and confirm the integrity of the evidence received. They can then be used to confirm the integrity of any, and all, evidence produced. An investigator can also use hash values to reduce the amount of data under review - through the use of what is referred to as hash sets, which are simply a grouping of known hash values. An investigator can maintain a vast hash set which can significantly cut down on the files to be reviewed; removing what is “known good” can vastly reduce what needs to be investigated, thus speeding up the entire investigation.
It is also possible to create custom hash sets of notable files which can be run against a case to quickly identify what is present. If a file or data are provided at the start of the investigation, for example an image that is of interest, a hash can be created of the image and then searched for across the exhibit - based purely on the hash value. This is a quick way to identify notable files and will allow the investigator to focus on data that contains information definitely related to the investigation.


Core evidence
KEYWORD SEARCHING
Keyword searching allows the quick identification of notable terms and information, typically retrieved from the remit or the background information. An ability to identify keywords that are relevant to an investigation is an extremely important skill. The wrong keyword choice may take several days to run and months to review. There are generally two ways to conduct a search:
