The final project will be placed in the Doc Sharing area at the beginning of Week 6. It is an individual project, and you have Weeks 6 and 7 to complete it. The file is named ccsi460FinalProject.zip and is a 14.8MB compressed file. The zip file contains the disk image acquired through FTK Imager and the original FTK acquisition report. The image file is 15.5MB uncompressed, so make sure your hard drive has that amount of space free.
Your case is to investigate the Intelligent Imaging Solutions (IIS) image and objectively report on the following.
Your determination of the IIS source code exposure, along with suspects and methods used for the exposure.
Your determination of other suspicious and/or illegal activity within IIS.
This investigation should incorporate all previous knowledge gained in the previous CCSI courses, including Digital Crime, Forensics I, and this course.
Your copy of FTK, which you downloaded and installed in the Week 1 Lab, will be used for the investigation. Since this is a senior-level course and the final course in the forensic track, your ingenuity, knowledge, professionalism, and resourcefulness are assumed.
Digital forensics is a major branch of forensic science that entails the recovery and inquiry of tools that are found in digital devices. Digital forensics is mostly related to computer crimes and other illegal activities. Digital forensics stores evidence that is reliable in court. Evidence stored in binary form is reliable in a court of law. The image or evidence is stored in a mobile phone, a computer hard drive, or a flash card in a camera. Information stored electronically is referred to as digital because it has been broken down into digits: binary units of zeros (0) and ones (1).
Computer images and videos are examples of data that is assembled from electronic devices and used efficiently as proof in a court of law. For example, mobile devices rely on online-based backup systems to collect their information (Agarwal, R. et al. 2015). Such a system is also referred to as the cloud, and it provides investigators with access to images that were taken by a specific phone. Mobile phones also store the locations the device has passed through and the time it was there. Thus, by obtaining a subpoena for a specific mobile device account, investigators can assemble a great deal of history linked to the mobile device and the suspect who uses it.
To determine other suspicious activities, the investigator ought to seize mobile devices used for criminal activities. They should turn off the device and immediately remove the battery. The phone is then isolated from its cell tower by placing it in a blocking material or Faraday bag to prevent alteration of material facts (Dezfoli, F. N. 2013). They should also seize standalone computers and equipment. These procedures will help to determine any other suspicious activities of a criminal nature. The World Wide Web or the internet is a better means of identifying any traffic in illegal images, reconnaissance, and information.
Agarwal, R., & Kothari, S. (2015). Review of digital forensic investigation frameworks. In Information Science and Applications (pp. 561-571). Springer Berlin Heidelberg.
Dezfoli, F. N., Dehghantanha, A., Mahmoud, R., Sani, N. F. B. M., & Daryabar, F. (2013). Digital forensic trends and future. International Journal of Cyber-Security and Digital Forensics (IJCSDF), 2(2), 48-76.