Experience in the digital forensics field
Please see the detailed instructions in the attachments; you will need to use FTK tools to analyze the data.
Your report should include high-level analysis summaries in table format for:
network activity (MAC addresses, IP addresses, domain names, etc.)
email and webmail
web browsing history
ownership/registration information for suspicious websites or domain names
names and contents of suspicious files
timeline for Internet and Network Activity
Before you begin your analysis of Internet and network activity, you should review the following readings about tools and techniques that can be used to reconstruct Internet activity.
Oh, J., Lee, S., & Lee, S. (2011). Advanced evidence collection and analysis of web browser activity. Digital Investigation, 8, S62–S70. Read the original paper and review the DFRWS 2011 conference presentation.
FTK User Guide (access the PDF file from the FTK help menu)
Chapter 19: Examining Email
Chapter 22: Examining Miscellaneous Evidence: Examining Internet Artifact Data
Chapter 25: Searching with Indexed Search
Wireshark User Guide (access the help file from the Wireshark help menu)
Chapter 6: Working with Captured Packets
Note: The version of FTK that has been licensed for student use in the VDA does not include the Visualization component. You may, however, find useful pointers, charts, and techniques for generating activity charts and timelines in the FTK User Guide’s chapters on visualization.
Lab 6 Overview
In this lab you will search for and recover Internet usage information from one or more forensic images and one or more packet capture (PCAP) files as provided by your instructor. Your focus should be upon finding and documenting answers to the case questions as provided in the lab scenario. Your presentation of your findings should be succinct. This means that you will need to apply your best judgment as to which information should be included in your report and which information should be omitted.
Note: in your reports and tables you should clearly identify which items were found in which evidence files.