SlideShare a Scribd company logo

2013-10-18 Computer Forensics and Hash Values

Download as PPTX, PDF
Frederick Lane
Frederick Lane

A presentation delivered to the New Hampshire Association of Criminal Defense Lawyers on October 18, 2013.

Technology
1 of 14
Computer Forensics: Images and Integrity Frederick S. Lane NHACDL Fall 2013 CLE Concord, NH 18 October 2013 www.FrederickLane.com www.ComputerForensicsDigest.com
Background and Expertise • Attorney and Author of 7 Books • Computer Forensics Expert -- 15 years • Over 100 criminal cases • Lecturer on ComputerRelated Topics – 20+ years • Computer user (midframes, desktops, laptops) – 35+ years
Lecture Overview • Not Your Mother’s Hash • The Role of Hash Values in Computer Forensics • The Growing Use of Hash Flags • P2P Investigations Using Hash Values
Not Your Mother’s Hash • Cryptograhic Hash Values • Relatively Easy to Generate • Extremely Difficult to Determine Original Data from Hash Value • Extremely Difficult to Change Data without Changing Hash • Extremely Unlikely that Different Data Will Produce the Same Hash Value
Types of Hash Alogirithms • Secure Hash Algorithm • Developed by NIST in 1995 • 40 characters long • Message Digest • Developed by Prof. Rivest in 1990 • 32 characters long • Photo DNA • Developed by Microsoft • Hash value based on histograms of multiple section of image
Complex Explanation • The word DOG can be represented in different ways: • Binary: 010001000110111101100111 • Hexadecimal: 646f67 • A hash algorithm converts the hexadecimal value to a fixed-length hexadecimal string. • SHA-1: e49512524f47b4138d850c9d9d85972927281 da0 • MD5: 06d80eb0c50b49a509b49f2424e8c805
Complex Explanation • Changing a single letter changes each value. • For instance, the word COG produces the following values: • Binary: 010000110110111101100111 • Hexadecimal: 436f67 • SHA-1: d3da816674b638d05caa672f60f381ff504e578c • MD5: 01e33197684afd628ccf82a5ae4fd6ad
Simple Explanation Oatmeal-Raisin Cookies Oatmeal-Chocolate Chip Cookies
Evidence Integrity • Acquisition Hashes • Creation of Mirror Images • Verification of Accuracy of Mirror Images • Use of “Known File Filter” • Hashkeeper • National Software Reference Library • NCMEC CVIP Database
Growing Use of Hash Flags • Child Protection and Sexual Predator Act of 1998 • 2008: ISPs Agree to Block Access to Known Sources of CP and to Scan for NCMEC Hash Values • SAFE Act: Requires ISPs and OSPs to Turn Over Subscriber Info If Known CP Is Identified
P2P Hash Values • Basic Operation of Peer-toPeer Networks • • • • Decentralized Distribution Gnutella and eDonkey Client Software Hash Values Associated with Each File
Automated P2P Searches • Peer Spectre or Nordic Mule Scans for IP Addresses of Devices Offering to Share Known CP Files • IP Addresses Are Stored by TLO in Child Protection System • Officers Conduct “Undercover” Investigations by Reviewing Spreadsheets of Hits in CPS
Growing Defense Concerns • No Independent Examination of Proprietary Software • Very Little Information Regarding TLO or CPS • Peer Spectre May Generate False Hits Due to Normal Operation of P2P Clients • Search Warrant Affidavits Fail to Mention Role of TLO or CPS
Computer Forensics: Images and Integrity Frederick S. Lane NHACDL Fall 2013 CLE Concord, NH 18 October 2013 www.FrederickLane.com www.ComputerForensicsDigest.com

Recommended

2013-12-18 Digital Forensics and Child Pornography
2013-12-18 Digital Forensics and Child Pornography2013-12-18 Digital Forensics and Child Pornography
2013-12-18 Digital Forensics and Child PornographyFrederick Lane
 
2013-12-06 Digital Forensics and Child Pornography
2013-12-06 Digital Forensics and Child Pornography2013-12-06 Digital Forensics and Child Pornography
2013-12-06 Digital Forensics and Child PornographyFrederick Lane
 
Scuba diving into The Deep Dark Web
Scuba diving into The Deep Dark WebScuba diving into The Deep Dark Web
Scuba diving into The Deep Dark Webn|u - The Open Security Community
 
Dark web
Dark webDark web
Dark webSaqib Ullah
 
Why We Need a Dark(er) Web
Why We Need a Dark(er) WebWhy We Need a Dark(er) Web
Why We Need a Dark(er) WebJeroen Baert
 
osint - open source Intelligence
osint - open source Intelligenceosint - open source Intelligence
osint - open source IntelligenceOsama Ellahi
 
American Privacy: The 400-Year History of Our Most Contested Right
American Privacy: The 400-Year History of Our Most Contested RightAmerican Privacy: The 400-Year History of Our Most Contested Right
American Privacy: The 400-Year History of Our Most Contested RightFrederick Lane
 
2017-03-09 Cybertraps for Educators
2017-03-09 Cybertraps for Educators2017-03-09 Cybertraps for Educators
2017-03-09 Cybertraps for EducatorsFrederick Lane
 

Recommended

2013-12-18 Digital Forensics and Child Pornography
2013-12-18 Digital Forensics and Child Pornography2013-12-18 Digital Forensics and Child Pornography
2013-12-18 Digital Forensics and Child PornographyFrederick Lane
 
2013-12-06 Digital Forensics and Child Pornography
2013-12-06 Digital Forensics and Child Pornography2013-12-06 Digital Forensics and Child Pornography
2013-12-06 Digital Forensics and Child PornographyFrederick Lane
 
Scuba diving into The Deep Dark Web
Scuba diving into The Deep Dark WebScuba diving into The Deep Dark Web
Scuba diving into The Deep Dark Webn|u - The Open Security Community
 
Dark web
Dark webDark web
Dark webSaqib Ullah
 
Why We Need a Dark(er) Web
Why We Need a Dark(er) WebWhy We Need a Dark(er) Web
Why We Need a Dark(er) WebJeroen Baert
 
osint - open source Intelligence
osint - open source Intelligenceosint - open source Intelligence
osint - open source IntelligenceOsama Ellahi
 
American Privacy: The 400-Year History of Our Most Contested Right
American Privacy: The 400-Year History of Our Most Contested RightAmerican Privacy: The 400-Year History of Our Most Contested Right
American Privacy: The 400-Year History of Our Most Contested RightFrederick Lane
 
2017-03-09 Cybertraps for Educators
2017-03-09 Cybertraps for Educators2017-03-09 Cybertraps for Educators
2017-03-09 Cybertraps for EducatorsFrederick Lane
 
CompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxCompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxmohedkhadar60
 
Strategies for integrating semantic and blockchain technologies
Strategies for integrating semantic and blockchain technologiesStrategies for integrating semantic and blockchain technologies
Strategies for integrating semantic and blockchain technologiesHéctor Ugarte
 
Ch 12: Cryptography
Ch 12: CryptographyCh 12: Cryptography
Ch 12: CryptographySam Bowne
 
Hunting on the cheap
Hunting on the cheapHunting on the cheap
Hunting on the cheapAnjum Ahuja
 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the CheapEndgameInc
 
Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014Cloudflare
 
Cryptography
CryptographyCryptography
CryptographyJohnsonDaniel JohnsonDaniel
 
CNIT 123 12: Cryptography
CNIT 123 12: CryptographyCNIT 123 12: Cryptography
CNIT 123 12: CryptographySam Bowne
 
Applying Machine Learning to Network Security Monitoring - BayThreat 2013
Applying Machine Learning to Network Security Monitoring - BayThreat 2013Applying Machine Learning to Network Security Monitoring - BayThreat 2013
Applying Machine Learning to Network Security Monitoring - BayThreat 2013Alex Pinto
 
International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...CODE BLUE
 
tHE GENERATION AND USE OF TLS FINGERPRINGTS
tHE GENERATION AND USE OF TLS FINGERPRINGTStHE GENERATION AND USE OF TLS FINGERPRINGTS
tHE GENERATION AND USE OF TLS FINGERPRINGTSortdx
 
Cryptography
CryptographyCryptography
CryptographyPPT4U
 
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...zachdwg
 
Checksum 101
Checksum 101Checksum 101
Checksum 101Ross Spencer
 
Cryptography
CryptographyCryptography
CryptographyTêjäçhoudhary Maddineni
 
Cryptography
CryptographyCryptography
CryptographyPragun Shah
 
On Physical Web models
On Physical Web modelsOn Physical Web models
On Physical Web modelsColdbeans Software
 
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...Splend
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...EC-Council
 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsSloan Carne
 
2020-03-03 Privacy and the Ethical Educator
2020-03-03 Privacy and the Ethical Educator2020-03-03 Privacy and the Ethical Educator
2020-03-03 Privacy and the Ethical EducatorFrederick Lane
 
2020-02-25 Cybertraps and Cyberethics for Educators
2020-02-25 Cybertraps and Cyberethics for Educators2020-02-25 Cybertraps and Cyberethics for Educators
2020-02-25 Cybertraps and Cyberethics for EducatorsFrederick Lane
 

More Related Content

Similar to 2013-10-18 Computer Forensics and Hash Values

CompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxCompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxmohedkhadar60
 
Strategies for integrating semantic and blockchain technologies
Strategies for integrating semantic and blockchain technologiesStrategies for integrating semantic and blockchain technologies
Strategies for integrating semantic and blockchain technologiesHéctor Ugarte
 
Ch 12: Cryptography
Ch 12: CryptographyCh 12: Cryptography
Ch 12: CryptographySam Bowne
 
Hunting on the cheap
Hunting on the cheapHunting on the cheap
Hunting on the cheapAnjum Ahuja
 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the CheapEndgameInc
 
Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014Cloudflare
 
CNIT 123 12: Cryptography
CNIT 123 12: CryptographyCNIT 123 12: Cryptography
CNIT 123 12: CryptographySam Bowne
 
Applying Machine Learning to Network Security Monitoring - BayThreat 2013
Applying Machine Learning to Network Security Monitoring - BayThreat 2013Applying Machine Learning to Network Security Monitoring - BayThreat 2013
Applying Machine Learning to Network Security Monitoring - BayThreat 2013Alex Pinto
 
International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...CODE BLUE
 
tHE GENERATION AND USE OF TLS FINGERPRINGTS
tHE GENERATION AND USE OF TLS FINGERPRINGTStHE GENERATION AND USE OF TLS FINGERPRINGTS
tHE GENERATION AND USE OF TLS FINGERPRINGTSortdx
 
Cryptography
CryptographyCryptography
CryptographyPPT4U
 
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...zachdwg
 
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...Splend
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...EC-Council
 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsSloan Carne
 

Similar to 2013-10-18 Computer Forensics and Hash Values (20)

CompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptxCompTIASecPLUS-Part6 - UnlimitedEdited.pptx
CompTIASecPLUS-Part6 - UnlimitedEdited.pptx
 
Strategies for integrating semantic and blockchain technologies
Strategies for integrating semantic and blockchain technologiesStrategies for integrating semantic and blockchain technologies
Strategies for integrating semantic and blockchain technologies
 
Ch 12: Cryptography
Ch 12: CryptographyCh 12: Cryptography
Ch 12: Cryptography
 
Hunting on the cheap
Hunting on the cheapHunting on the cheap
Hunting on the cheap
 
Hunting on the Cheap
Hunting on the CheapHunting on the Cheap
Hunting on the Cheap
 
Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014Sullivan randomness-infiltrate 2014
Sullivan randomness-infiltrate 2014
 
Cryptography
CryptographyCryptography
Cryptography
 
CNIT 123 12: Cryptography
CNIT 123 12: CryptographyCNIT 123 12: Cryptography
CNIT 123 12: Cryptography
 
Applying Machine Learning to Network Security Monitoring - BayThreat 2013
Applying Machine Learning to Network Security Monitoring - BayThreat 2013Applying Machine Learning to Network Security Monitoring - BayThreat 2013
Applying Machine Learning to Network Security Monitoring - BayThreat 2013
 
International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...International collaborative efforts to share threat data in a vetted member c...
International collaborative efforts to share threat data in a vetted member c...
 
tHE GENERATION AND USE OF TLS FINGERPRINGTS
tHE GENERATION AND USE OF TLS FINGERPRINGTStHE GENERATION AND USE OF TLS FINGERPRINGTS
tHE GENERATION AND USE OF TLS FINGERPRINGTS
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
Cryptographic Chronicles: Unveiling Definitions, Algorithms, Attacks, and App...
 
Checksum 101
Checksum 101Checksum 101
Checksum 101
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptography
CryptographyCryptography
Cryptography
 
On Physical Web models
On Physical Web modelsOn Physical Web models
On Physical Web models
 
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...
DHPA Techday 2015 - Maciej Korczyński - Reputation Metrics Design to Improve ...
 
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
TakeDownCon Rocket City: “White Hat Anonymity”: Current challenges security r...
 
Advanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU InvestigatorsAdvanced Research Investigations for SIU Investigators
Advanced Research Investigations for SIU Investigators
 

More from Frederick Lane

2020-03-03 Privacy and the Ethical Educator
2020-03-03 Privacy and the Ethical Educator2020-03-03 Privacy and the Ethical Educator
2020-03-03 Privacy and the Ethical EducatorFrederick Lane
 
2020-02-25 Cybertraps and Cyberethics for Educators
2020-02-25 Cybertraps and Cyberethics for Educators2020-02-25 Cybertraps and Cyberethics for Educators
2020-02-25 Cybertraps and Cyberethics for EducatorsFrederick Lane
 
2020-02-24 Cultivating a Culture of Cybersecurity
2020-02-24 Cultivating a Culture of Cybersecurity2020-02-24 Cultivating a Culture of Cybersecurity
2020-02-24 Cultivating a Culture of CybersecurityFrederick Lane
 
2020-02-23 Cybersecurity Audits for Tech Directors
2020-02-23 Cybersecurity Audits for Tech Directors2020-02-23 Cybersecurity Audits for Tech Directors
2020-02-23 Cybersecurity Audits for Tech DirectorsFrederick Lane
 
2020-02-22 The Rise of the Digital Mob
2020-02-22 The Rise of the Digital Mob2020-02-22 The Rise of the Digital Mob
2020-02-22 The Rise of the Digital MobFrederick Lane
 
2020-02-14 Using Video Games as a Motivational Tool
2020-02-14 Using Video Games as a Motivational Tool2020-02-14 Using Video Games as a Motivational Tool
2020-02-14 Using Video Games as a Motivational ToolFrederick Lane
 
2020-02-14 The Perils of Social Media
2020-02-14 The Perils of Social Media2020-02-14 The Perils of Social Media
2020-02-14 The Perils of Social MediaFrederick Lane
 
2020-02-14 Cybertraps for Educators
2020-02-14 Cybertraps for Educators2020-02-14 Cybertraps for Educators
2020-02-14 Cybertraps for EducatorsFrederick Lane
 
2020-02-14 Understanding the 4Ps: Personal, Private, Public, and Professional
2020-02-14 Understanding the 4Ps: Personal, Private, Public, and Professional2020-02-14 Understanding the 4Ps: Personal, Private, Public, and Professional
2020-02-14 Understanding the 4Ps: Personal, Private, Public, and ProfessionalFrederick Lane
 
2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective Teachers2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective TeachersFrederick Lane
 
2020-02-13 Cyberethics and the MCEE
2020-02-13 Cyberethics and the MCEE2020-02-13 Cyberethics and the MCEE
2020-02-13 Cyberethics and the MCEEFrederick Lane
 
2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective Teachers2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective TeachersFrederick Lane
 
2020-02-13 Can You Legislate Cyberethics?
2020-02-13 Can You Legislate Cyberethics?2020-02-13 Can You Legislate Cyberethics?
2020-02-13 Can You Legislate Cyberethics?Frederick Lane
 
2020-02-12 Cybertraps for HR Professionals
2020-02-12 Cybertraps for HR Professionals2020-02-12 Cybertraps for HR Professionals
2020-02-12 Cybertraps for HR ProfessionalsFrederick Lane
 
2020-02-11 Cyberethics and the MCEE
2020-02-11 Cyberethics and the MCEE2020-02-11 Cyberethics and the MCEE
2020-02-11 Cyberethics and the MCEEFrederick Lane
 
2020-02-10 Teaching Cyberethics to Prospective Teachers
2020-02-10 Teaching Cyberethics to Prospective Teachers2020-02-10 Teaching Cyberethics to Prospective Teachers
2020-02-10 Teaching Cyberethics to Prospective TeachersFrederick Lane
 
2020-02-10 Cyberethics and the MCEE
2020-02-10 Cyberethics and the MCEE2020-02-10 Cyberethics and the MCEE
2020-02-10 Cyberethics and the MCEEFrederick Lane
 
2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...
2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...
2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...Frederick Lane
 
2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & Cybersecurity
2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & Cybersecurity2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & Cybersecurity
2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & CybersecurityFrederick Lane
 
2019-06-25 Cybertraps for Educators: Don't Get Caught
2019-06-25 Cybertraps for Educators: Don't Get Caught2019-06-25 Cybertraps for Educators: Don't Get Caught
2019-06-25 Cybertraps for Educators: Don't Get CaughtFrederick Lane
 

More from Frederick Lane (20)

2020-03-03 Privacy and the Ethical Educator
2020-03-03 Privacy and the Ethical Educator2020-03-03 Privacy and the Ethical Educator
2020-03-03 Privacy and the Ethical Educator
 
2020-02-25 Cybertraps and Cyberethics for Educators
2020-02-25 Cybertraps and Cyberethics for Educators2020-02-25 Cybertraps and Cyberethics for Educators
2020-02-25 Cybertraps and Cyberethics for Educators
 
2020-02-24 Cultivating a Culture of Cybersecurity
2020-02-24 Cultivating a Culture of Cybersecurity2020-02-24 Cultivating a Culture of Cybersecurity
2020-02-24 Cultivating a Culture of Cybersecurity
 
2020-02-23 Cybersecurity Audits for Tech Directors
2020-02-23 Cybersecurity Audits for Tech Directors2020-02-23 Cybersecurity Audits for Tech Directors
2020-02-23 Cybersecurity Audits for Tech Directors
 
2020-02-22 The Rise of the Digital Mob
2020-02-22 The Rise of the Digital Mob2020-02-22 The Rise of the Digital Mob
2020-02-22 The Rise of the Digital Mob
 
2020-02-14 Using Video Games as a Motivational Tool
2020-02-14 Using Video Games as a Motivational Tool2020-02-14 Using Video Games as a Motivational Tool
2020-02-14 Using Video Games as a Motivational Tool
 
2020-02-14 The Perils of Social Media
2020-02-14 The Perils of Social Media2020-02-14 The Perils of Social Media
2020-02-14 The Perils of Social Media
 
2020-02-14 Cybertraps for Educators
2020-02-14 Cybertraps for Educators2020-02-14 Cybertraps for Educators
2020-02-14 Cybertraps for Educators
 
2020-02-14 Understanding the 4Ps: Personal, Private, Public, and Professional
2020-02-14 Understanding the 4Ps: Personal, Private, Public, and Professional2020-02-14 Understanding the 4Ps: Personal, Private, Public, and Professional
2020-02-14 Understanding the 4Ps: Personal, Private, Public, and Professional
 
2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective Teachers2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective Teachers
 
2020-02-13 Cyberethics and the MCEE
2020-02-13 Cyberethics and the MCEE2020-02-13 Cyberethics and the MCEE
2020-02-13 Cyberethics and the MCEE
 
2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective Teachers2020-02-13 Teaching Cyberethics to Prospective Teachers
2020-02-13 Teaching Cyberethics to Prospective Teachers
 
2020-02-13 Can You Legislate Cyberethics?
2020-02-13 Can You Legislate Cyberethics?2020-02-13 Can You Legislate Cyberethics?
2020-02-13 Can You Legislate Cyberethics?
 
2020-02-12 Cybertraps for HR Professionals
2020-02-12 Cybertraps for HR Professionals2020-02-12 Cybertraps for HR Professionals
2020-02-12 Cybertraps for HR Professionals
 
2020-02-11 Cyberethics and the MCEE
2020-02-11 Cyberethics and the MCEE2020-02-11 Cyberethics and the MCEE
2020-02-11 Cyberethics and the MCEE
 
2020-02-10 Teaching Cyberethics to Prospective Teachers
2020-02-10 Teaching Cyberethics to Prospective Teachers2020-02-10 Teaching Cyberethics to Prospective Teachers
2020-02-10 Teaching Cyberethics to Prospective Teachers
 
2020-02-10 Cyberethics and the MCEE
2020-02-10 Cyberethics and the MCEE2020-02-10 Cyberethics and the MCEE
2020-02-10 Cyberethics and the MCEE
 
2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...
2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...
2020-01-29 Politics and the Ethical Educator: How to Survive the 2020 Electio...
 
2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & Cybersecurity
2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & Cybersecurity2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & Cybersecurity
2019-06-24 Humans and Social Media: Cyberrisks, Cybertraps & Cybersecurity
 
2019-06-25 Cybertraps for Educators: Don't Get Caught
2019-06-25 Cybertraps for Educators: Don't Get Caught2019-06-25 Cybertraps for Educators: Don't Get Caught
2019-06-25 Cybertraps for Educators: Don't Get Caught
 

Recently uploaded

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Recently uploaded (20)

CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

2013-10-18 Computer Forensics and Hash Values

  • 1. Computer Forensics: Images and Integrity Frederick S. Lane NHACDL Fall 2013 CLE Concord, NH 18 October 2013 www.FrederickLane.com www.ComputerForensicsDigest.com
  • 2. Background and Expertise • Attorney and Author of 7 Books • Computer Forensics Expert -- 15 years • Over 100 criminal cases • Lecturer on ComputerRelated Topics – 20+ years • Computer user (midframes, desktops, laptops) – 35+ years
  • 3. Lecture Overview • Not Your Mother’s Hash • The Role of Hash Values in Computer Forensics • The Growing Use of Hash Flags • P2P Investigations Using Hash Values
  • 4. Not Your Mother’s Hash • Cryptograhic Hash Values • Relatively Easy to Generate • Extremely Difficult to Determine Original Data from Hash Value • Extremely Difficult to Change Data without Changing Hash • Extremely Unlikely that Different Data Will Produce the Same Hash Value
  • 5. Types of Hash Alogirithms • Secure Hash Algorithm • Developed by NIST in 1995 • 40 characters long • Message Digest • Developed by Prof. Rivest in 1990 • 32 characters long • Photo DNA • Developed by Microsoft • Hash value based on histograms of multiple section of image
  • 6. Complex Explanation • The word DOG can be represented in different ways: • Binary: 010001000110111101100111 • Hexadecimal: 646f67 • A hash algorithm converts the hexadecimal value to a fixed-length hexadecimal string. • SHA-1: e49512524f47b4138d850c9d9d85972927281 da0 • MD5: 06d80eb0c50b49a509b49f2424e8c805
  • 7. Complex Explanation • Changing a single letter changes each value. • For instance, the word COG produces the following values: • Binary: 010000110110111101100111 • Hexadecimal: 436f67 • SHA-1: d3da816674b638d05caa672f60f381ff504e578c • MD5: 01e33197684afd628ccf82a5ae4fd6ad
  • 9. Evidence Integrity • Acquisition Hashes • Creation of Mirror Images • Verification of Accuracy of Mirror Images • Use of “Known File Filter” • Hashkeeper • National Software Reference Library • NCMEC CVIP Database
  • 10. Growing Use of Hash Flags • Child Protection and Sexual Predator Act of 1998 • 2008: ISPs Agree to Block Access to Known Sources of CP and to Scan for NCMEC Hash Values • SAFE Act: Requires ISPs and OSPs to Turn Over Subscriber Info If Known CP Is Identified
  • 11. P2P Hash Values • Basic Operation of Peer-toPeer Networks • • • • Decentralized Distribution Gnutella and eDonkey Client Software Hash Values Associated with Each File
  • 12. Automated P2P Searches • Peer Spectre or Nordic Mule Scans for IP Addresses of Devices Offering to Share Known CP Files • IP Addresses Are Stored by TLO in Child Protection System • Officers Conduct “Undercover” Investigations by Reviewing Spreadsheets of Hits in CPS
  • 13. Growing Defense Concerns • No Independent Examination of Proprietary Software • Very Little Information Regarding TLO or CPS • Peer Spectre May Generate False Hits Due to Normal Operation of P2P Clients • Search Warrant Affidavits Fail to Mention Role of TLO or CPS
  • 14. Computer Forensics: Images and Integrity Frederick S. Lane NHACDL Fall 2013 CLE Concord, NH 18 October 2013 www.FrederickLane.com www.ComputerForensicsDigest.com