SlideShare uma empresa Scribd logo

The design of forensic computer workstations

Transferir como PPTX, PDF
J
jkvr100

The design of digital forensic computer workstations is not overly complex, but it does require careful attention to the exacting requirements of retrieving and preserving evidence as quickly as possible. Because of this, forensic computer workstations are almost always custom designed and manufactured by companies like Ace Computers.

Tecnologia
1 de 21
The Design of Forensic Computer Workstations Presented by John Samborski, CEO Ace Computers Ace Computers 575 Lively Blvd. Elk Grove Village, IL 60007-2013 Contact 877-ACECOMP (877-223-2667) www.acecomputers.com
About the presenter John Samborski, P.E. is a recognized expert in forensic information technology, with an extensive history of innovation and thought leadership in system integration. Since founding Ace Computers in 1983, he has aggressively pursued the development of custom, cost-effective products and services in concert with well-known industry leaders. He was a founding member of the Intel Premier Board of Advisors in 2002 and was awarded a life-time position. Ace Computers is one of the largest, oldest, and most respected custom technology developers and builders in the U.S. and holds numerous federal and state level contracts.
Evidence … needs to be extractable from electronically stored information (ESI) sources without corrupting that evidence. Properly designed forensic computer workstations help accomplish that goal.
What is digital forensics? The acquisition, scientific examination, and analysis of data retrieved from digital devices in such a way that the information can be used in a court of law or for the purposes of the retriever without any disturbance to that evidence.
Designing forensic workstations In order to design forensic workstations, the first determination is what types of media need to be forensically read, retrieved from suspect data, and included in the chain of custody.
Evidence and accuracy One of the most important steps is to ensure that the evidence has been accurately collected and that there is a clear chain of custody from the scene of the crime, to the investigator, and ultimately to the court.
The workstation’s purpose Another key design decision is the workstation’s purpose: data acquisition, processing, or both. Many systems are multi- purpose and can perform forensic data acquisition and processing equally well.
Processors and speed Other important considerations are the required processing speed, the number of processors, processor cores, and amount of memory anticipated for the data processing. •Systems are available with 1-4 processors and up to 1TB of RAM. •A popular configuration involves two Intel® Xeon® 6-core (each) processors and 256GB of DDR4 memory. •The number of processors and cores per processor should be determined by the system requirements of the software that will run.
The media type Another consideration is the type of media the system needs to acquire data from. Once this is established, the next step is to plan and include write-protected data acquisition methods. The most basic media is a hard drive write-blocked forensic bridge.
Write-blocked forensic bridges Write-blocked drive-bay mounted forensic bridges are available for all common hard drive types such as IDE, SATA, SAS, SCSI, IEEE1394 (Firewire), USB and with adapters for using 3.5”, 2.5”, and 1.8” size drives. A write-blocked flash media card reader is also useful for forensically reading media cards such as SD cards, CompactFlash, and others; this prevents the addition of anything to the source data.
Read-write considerations A read-only media card reader is best, since it will prevent accidental corruption of the data. A read- write switchable reader can potentially be corrupted, but by using a model that is incapable of writing data, that source of error can be eliminated. It’s simple to add a standard external flash reader/writer to the system. Although it will be obvious to users that this external flash is capable of corrupting data, the internal model should be write-blocked at all times.
Optical media Optical media is another common source of forensic data. This media is typically not written to without specialized software, so a standard DVD reader/writer or Blu-Ray reader/writer will perform this work adequately.
The storage system Once the data can be read in a forensically safe manner, the data needs to be stored on either a target drive, a RAID array, or both. With the storage system defined, the design of the RAID system or the allowance of destination drive bays needs to be specified.
GPU considerations Another decision is whether graphic processing units (GPUs)--for assistance in breaking passwords--need to be included. Normally, systems are shipped with a single graphics card used for display purposes, but users can also leverage the intense processing power of the GPU for assistance in brute-force password cracking through massively parallelized iterative attempts.
Higher end graphics cards By using a higher-end graphics card or multiple graphics cards, the forensic system can also be used to shorten the time needed to break a password installed on a system or to open up files which have been encrypted.
Password decryption servers Specialized password/decryption servers and clusters with multiple GPU optimized systems designed for 24-7 operation are also available, and are frequently used in the federal market by major government and law enforcement agencies.
Ace Computers’ findings Ace Computers has benchmarked numerous platforms and found the optimal design and configuration for the optimal operation of the GPU subsystem for password cracking and it is one of our strongest areas of expertise.
The value of a system integrator There are numerous items to consider when designing a forensic workstation and since the system components change often, it is best to work with a systems integrator that is actively involved in the market.
What the system integrator does The systems integrator will know how to optimize the design based on the latest software, hardware, and thermal techniques.
Integrators for government entities For government agencies, it also makes sense to work with a firm that can custom-design a system to exacting specifications and has popular contracting vehicles available to facilitate the purchase directly without the complications of contracting procedures.
Thank you! Any questions? Contact Ace Computers 877-ACECOMP/(877-223-2667) www.acecomputers.com

Recomendados

Case study on Physical devices used in Computer forensics.
Case study on Physical devices used in Computer forensics.Case study on Physical devices used in Computer forensics.
Case study on Physical devices used in Computer forensics.Vishal Tandel
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensicwillemvandrunen
 
Computer Forensics Resources offers Remote Live Data Forensic Acquisition if ...
Computer Forensics Resources offers Remote Live Data Forensic Acquisition if ...Computer Forensics Resources offers Remote Live Data Forensic Acquisition if ...
Computer Forensics Resources offers Remote Live Data Forensic Acquisition if ...computerforensicsresources
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsLalit Garg
 
Lecture 9 and 10 comp forensics 09 10-18 file system
Lecture 9 and 10 comp forensics 09 10-18 file systemLecture 9 and 10 comp forensics 09 10-18 file system
Lecture 9 and 10 comp forensics 09 10-18 file systemAlchemist095
 
Computer forensic 101 - OWASP Khartoum
Computer forensic 101 - OWASP KhartoumComputer forensic 101 - OWASP Khartoum
Computer forensic 101 - OWASP KhartoumOWASP Khartoum
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsdeaneal
 

Recomendados

Case study on Physical devices used in Computer forensics.
Case study on Physical devices used in Computer forensics.Case study on Physical devices used in Computer forensics.
Case study on Physical devices used in Computer forensics.Vishal Tandel
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensicwillemvandrunen
 
Computer Forensics Resources offers Remote Live Data Forensic Acquisition if ...
Computer Forensics Resources offers Remote Live Data Forensic Acquisition if ...Computer Forensics Resources offers Remote Live Data Forensic Acquisition if ...
Computer Forensics Resources offers Remote Live Data Forensic Acquisition if ...computerforensicsresources
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsLalit Garg
 
Lecture 9 and 10 comp forensics 09 10-18 file system
Lecture 9 and 10 comp forensics 09 10-18 file systemLecture 9 and 10 comp forensics 09 10-18 file system
Lecture 9 and 10 comp forensics 09 10-18 file systemAlchemist095
 
Computer forensic 101 - OWASP Khartoum
Computer forensic 101 - OWASP KhartoumComputer forensic 101 - OWASP Khartoum
Computer forensic 101 - OWASP KhartoumOWASP Khartoum
 
Introduction to computer forensic
Introduction to computer forensicIntroduction to computer forensic
Introduction to computer forensicOnline
 
Computer forensics
Computer forensicsComputer forensics
Computer forensicsdeaneal
 
Lecture 4,5, 6 comp forensics 19 9-2018 basic security
Lecture 4,5, 6 comp forensics 19 9-2018 basic securityLecture 4,5, 6 comp forensics 19 9-2018 basic security
Lecture 4,5, 6 comp forensics 19 9-2018 basic securityAlchemist095
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital ForensicsNicholas Davis
 
Lecture #32: Forensic Duplication
Lecture #32: Forensic DuplicationLecture #32: Forensic Duplication
Lecture #32: Forensic DuplicationDr. Ramchandra Mangrulkar
 
Computer forensic
Computer forensicComputer forensic
Computer forensicShashi Mishra
 
06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - NotesKranthi
 
Investigative Tools and Equipments for Cyber Crime by Raghu Khimani
Investigative Tools and Equipments for Cyber Crime by Raghu KhimaniInvestigative Tools and Equipments for Cyber Crime by Raghu Khimani
Investigative Tools and Equipments for Cyber Crime by Raghu KhimaniDr Raghu Khimani
 
The Future of Digital Forensics
The Future of Digital ForensicsThe Future of Digital Forensics
The Future of Digital Forensics00heights
 
Introduction To Forensic Methodologies
Introduction To Forensic MethodologiesIntroduction To Forensic Methodologies
Introduction To Forensic MethodologiesLedjit
 
Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)AltheimPrivacy
 
cyber forensics
cyber forensicscyber forensics
cyber forensicsAmbuj Kumar
 
CS6004 Cyber Forensics - UNIT V
CS6004 Cyber Forensics - UNIT VCS6004 Cyber Forensics - UNIT V
CS6004 Cyber Forensics - UNIT VArthyR3
 
Lecture 8 comp forensics 03 10-18 file system
Lecture 8 comp forensics 03 10-18 file systemLecture 8 comp forensics 03 10-18 file system
Lecture 8 comp forensics 03 10-18 file systemAlchemist095
 
An introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensicsAn introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensicsZyxware Technologies
 
Data Recovery Services in Utah
Data Recovery Services in UtahData Recovery Services in Utah
Data Recovery Services in UtahCarl Miller
 
Anti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifactsAnti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifactsgaurang17
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsAlchemist095
 
Digital Forensic Case Study
Digital Forensic Case StudyDigital Forensic Case Study
Digital Forensic Case StudyMyAssignmenthelp.com
 
MFP Hard Drive Security
MFP Hard Drive SecurityMFP Hard Drive Security
MFP Hard Drive SecurityDianaElarde
 
Lecture #31 : Windows Forensics
Lecture #31 : Windows ForensicsLecture #31 : Windows Forensics
Lecture #31 : Windows ForensicsDr. Ramchandra Mangrulkar
 
CS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IVCS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IVArthyR3
 
Computer forensic
Computer forensicComputer forensic
Computer forensicSinggih Prasetya
 
MattockFS Computer Forensic File-System
MattockFS Computer Forensic File-SystemMattockFS Computer Forensic File-System
MattockFS Computer Forensic File-SystemRob Meijer
 

Mais conteúdo relacionado

Mais procurados

Lecture 4,5, 6 comp forensics 19 9-2018 basic security
Lecture 4,5, 6 comp forensics 19 9-2018 basic securityLecture 4,5, 6 comp forensics 19 9-2018 basic security
Lecture 4,5, 6 comp forensics 19 9-2018 basic securityAlchemist095
 
06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - NotesKranthi
 
Investigative Tools and Equipments for Cyber Crime by Raghu Khimani
Investigative Tools and Equipments for Cyber Crime by Raghu KhimaniInvestigative Tools and Equipments for Cyber Crime by Raghu Khimani
Investigative Tools and Equipments for Cyber Crime by Raghu KhimaniDr Raghu Khimani
 
The Future of Digital Forensics
The Future of Digital ForensicsThe Future of Digital Forensics
The Future of Digital Forensics00heights
 
Introduction To Forensic Methodologies
Introduction To Forensic MethodologiesIntroduction To Forensic Methodologies
Introduction To Forensic MethodologiesLedjit
 
Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)AltheimPrivacy
 
CS6004 Cyber Forensics - UNIT V
CS6004 Cyber Forensics - UNIT VCS6004 Cyber Forensics - UNIT V
CS6004 Cyber Forensics - UNIT VArthyR3
 
Lecture 8 comp forensics 03 10-18 file system
Lecture 8 comp forensics 03 10-18 file systemLecture 8 comp forensics 03 10-18 file system
Lecture 8 comp forensics 03 10-18 file systemAlchemist095
 
An introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensicsAn introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensicsZyxware Technologies
 
Data Recovery Services in Utah
Data Recovery Services in UtahData Recovery Services in Utah
Data Recovery Services in UtahCarl Miller
 
Anti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifactsAnti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifactsgaurang17
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer ForensicsAlchemist095
 
MFP Hard Drive Security
MFP Hard Drive SecurityMFP Hard Drive Security
MFP Hard Drive SecurityDianaElarde
 
CS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IVCS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IVArthyR3
 

Mais procurados (20)

Lecture 4,5, 6 comp forensics 19 9-2018 basic security
Lecture 4,5, 6 comp forensics 19 9-2018 basic securityLecture 4,5, 6 comp forensics 19 9-2018 basic security
Lecture 4,5, 6 comp forensics 19 9-2018 basic security
 
Digital Forensics
Digital ForensicsDigital Forensics
Digital Forensics
 
Lecture #32: Forensic Duplication
Lecture #32: Forensic DuplicationLecture #32: Forensic Duplication
Lecture #32: Forensic Duplication
 
Computer forensic
Computer forensicComputer forensic
Computer forensic
 
06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes06 Computer Image Verification and Authentication - Notes
06 Computer Image Verification and Authentication - Notes
 
Investigative Tools and Equipments for Cyber Crime by Raghu Khimani
Investigative Tools and Equipments for Cyber Crime by Raghu KhimaniInvestigative Tools and Equipments for Cyber Crime by Raghu Khimani
Investigative Tools and Equipments for Cyber Crime by Raghu Khimani
 
The Future of Digital Forensics
The Future of Digital ForensicsThe Future of Digital Forensics
The Future of Digital Forensics
 
Introduction To Forensic Methodologies
Introduction To Forensic MethodologiesIntroduction To Forensic Methodologies
Introduction To Forensic Methodologies
 
Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)Digital Forensics by William C. Barker (NIST)
Digital Forensics by William C. Barker (NIST)
 
cyber forensics
cyber forensicscyber forensics
cyber forensics
 
CS6004 Cyber Forensics - UNIT V
CS6004 Cyber Forensics - UNIT VCS6004 Cyber Forensics - UNIT V
CS6004 Cyber Forensics - UNIT V
 
Lecture 8 comp forensics 03 10-18 file system
Lecture 8 comp forensics 03 10-18 file systemLecture 8 comp forensics 03 10-18 file system
Lecture 8 comp forensics 03 10-18 file system
 
An introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensicsAn introduction to cyber forensics and open source tools in cyber forensics
An introduction to cyber forensics and open source tools in cyber forensics
 
Data Recovery Services in Utah
Data Recovery Services in UtahData Recovery Services in Utah
Data Recovery Services in Utah
 
Anti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifactsAnti forensics-techniques-for-browsing-artifacts
Anti forensics-techniques-for-browsing-artifacts
 
Computer Forensics
Computer ForensicsComputer Forensics
Computer Forensics
 
Digital Forensic Case Study
Digital Forensic Case StudyDigital Forensic Case Study
Digital Forensic Case Study
 
MFP Hard Drive Security
MFP Hard Drive SecurityMFP Hard Drive Security
MFP Hard Drive Security
 
Lecture #31 : Windows Forensics
Lecture #31 : Windows ForensicsLecture #31 : Windows Forensics
Lecture #31 : Windows Forensics
 
CS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IVCS6004 Cyber Forensics - UNIT IV
CS6004 Cyber Forensics - UNIT IV
 

Destaque

MattockFS Computer Forensic File-System
MattockFS Computer Forensic File-SystemMattockFS Computer Forensic File-System
MattockFS Computer Forensic File-SystemRob Meijer
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic pptOnkar1431
 
Electornic evidence collection
Electornic evidence collectionElectornic evidence collection
Electornic evidence collectionFakrul Alam
 
Forensic Science - 01 What is forensic science?
Forensic Science - 01 What is forensic science?Forensic Science - 01 What is forensic science?
Forensic Science - 01 What is forensic science?Ian Anderson
 
Elements Of Forensic Science
Elements Of Forensic ScienceElements Of Forensic Science
Elements Of Forensic Scienceannperry09
 
Computer forensic
Computer forensicComputer forensic
Computer forensicbhavithd
 
BoyarMiller - You Lost Me At Gigabyte: Working with Computer Forensic Examiners
BoyarMiller - You Lost Me At Gigabyte: Working with Computer Forensic ExaminersBoyarMiller - You Lost Me At Gigabyte: Working with Computer Forensic Examiners
BoyarMiller - You Lost Me At Gigabyte: Working with Computer Forensic ExaminersBoyarMiller
 
Computer Forensics in Fighting Crimes
Computer Forensics in Fighting CrimesComputer Forensics in Fighting Crimes
Computer Forensics in Fighting CrimesIsaiah Edem
 
Business Intelligence (BI) Tools For Computer Forensic
Business Intelligence (BI) Tools For Computer ForensicBusiness Intelligence (BI) Tools For Computer Forensic
Business Intelligence (BI) Tools For Computer ForensicDhiren Gala
 
Document clustering for forensic analysis an approach for improving compute...
Document clustering for forensic analysis an approach for improving compute...Document clustering for forensic analysis an approach for improving compute...
Document clustering for forensic analysis an approach for improving compute...Madan Golla
 
7 Forensic Science Powerpoint Chapter 07 Forensic Anthropology
7 Forensic Science Powerpoint Chapter 07 Forensic Anthropology7 Forensic Science Powerpoint Chapter 07 Forensic Anthropology
7 Forensic Science Powerpoint Chapter 07 Forensic AnthropologyGrossmont College
 
Introduction to forensic science
Introduction to forensic scienceIntroduction to forensic science
Introduction to forensic scienceAbby Varghese
 
Digital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsDigital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsFilip Maertens
 
Principles of forensic science
Principles of forensic sciencePrinciples of forensic science
Principles of forensic scienceBhoopendra Singh
 
Implementing and Running SIEM: Approaches and Lessons
Implementing and Running SIEM: Approaches and LessonsImplementing and Running SIEM: Approaches and Lessons
Implementing and Running SIEM: Approaches and LessonsAnton Chuvakin
 
How to Choose the Right Security Information and Event Management (SIEM) Solu...
How to Choose the Right Security Information and Event Management (SIEM) Solu...How to Choose the Right Security Information and Event Management (SIEM) Solu...
How to Choose the Right Security Information and Event Management (SIEM) Solu...IBM Security
 
Intro to Forensic Science
Intro to Forensic ScienceIntro to Forensic Science
Intro to Forensic Sciencenicollins
 

Destaque (20)

Computer forensic
Computer forensicComputer forensic
Computer forensic
 
MattockFS Computer Forensic File-System
MattockFS Computer Forensic File-SystemMattockFS Computer Forensic File-System
MattockFS Computer Forensic File-System
 
Computer forensic ppt
Computer forensic pptComputer forensic ppt
Computer forensic ppt
 
Electornic evidence collection
Electornic evidence collectionElectornic evidence collection
Electornic evidence collection
 
Capturing forensics image
Capturing forensics imageCapturing forensics image
Capturing forensics image
 
File000173
File000173File000173
File000173
 
Forensic Science - 01 What is forensic science?
Forensic Science - 01 What is forensic science?Forensic Science - 01 What is forensic science?
Forensic Science - 01 What is forensic science?
 
Elements Of Forensic Science
Elements Of Forensic ScienceElements Of Forensic Science
Elements Of Forensic Science
 
Computer forensic
Computer forensicComputer forensic
Computer forensic
 
BoyarMiller - You Lost Me At Gigabyte: Working with Computer Forensic Examiners
BoyarMiller - You Lost Me At Gigabyte: Working with Computer Forensic ExaminersBoyarMiller - You Lost Me At Gigabyte: Working with Computer Forensic Examiners
BoyarMiller - You Lost Me At Gigabyte: Working with Computer Forensic Examiners
 
Computer Forensics in Fighting Crimes
Computer Forensics in Fighting CrimesComputer Forensics in Fighting Crimes
Computer Forensics in Fighting Crimes
 
Business Intelligence (BI) Tools For Computer Forensic
Business Intelligence (BI) Tools For Computer ForensicBusiness Intelligence (BI) Tools For Computer Forensic
Business Intelligence (BI) Tools For Computer Forensic
 
Document clustering for forensic analysis an approach for improving compute...
Document clustering for forensic analysis an approach for improving compute...Document clustering for forensic analysis an approach for improving compute...
Document clustering for forensic analysis an approach for improving compute...
 
7 Forensic Science Powerpoint Chapter 07 Forensic Anthropology
7 Forensic Science Powerpoint Chapter 07 Forensic Anthropology7 Forensic Science Powerpoint Chapter 07 Forensic Anthropology
7 Forensic Science Powerpoint Chapter 07 Forensic Anthropology
 
Introduction to forensic science
Introduction to forensic scienceIntroduction to forensic science
Introduction to forensic science
 
Digital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic InvestigationsDigital Evidence in Computer Forensic Investigations
Digital Evidence in Computer Forensic Investigations
 
Principles of forensic science
Principles of forensic sciencePrinciples of forensic science
Principles of forensic science
 
Implementing and Running SIEM: Approaches and Lessons
Implementing and Running SIEM: Approaches and LessonsImplementing and Running SIEM: Approaches and Lessons
Implementing and Running SIEM: Approaches and Lessons
 
How to Choose the Right Security Information and Event Management (SIEM) Solu...
How to Choose the Right Security Information and Event Management (SIEM) Solu...How to Choose the Right Security Information and Event Management (SIEM) Solu...
How to Choose the Right Security Information and Event Management (SIEM) Solu...
 
Intro to Forensic Science
Intro to Forensic ScienceIntro to Forensic Science
Intro to Forensic Science
 

Semelhante a The design of forensic computer workstations

Role of a Forensic Investigator
Role of a Forensic InvestigatorRole of a Forensic Investigator
Role of a Forensic InvestigatorAgape Inc
 
Embedded presentation
Embedded presentationEmbedded presentation
Embedded presentationrohancool
 
ResearchPaperITDF2435
ResearchPaperITDF2435ResearchPaperITDF2435
ResearchPaperITDF2435Manuel Garza
 
MASAMUNE Clone Enterprise Edition
MASAMUNE Clone Enterprise EditionMASAMUNE Clone Enterprise Edition
MASAMUNE Clone Enterprise EditionHayato Abe
 
computerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfcomputerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfGnanavi2
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - NotesKranthi
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidencerakesh mishra
 
OpenDrives_-_Product_Sheet_v13D (2) (1)
OpenDrives_-_Product_Sheet_v13D (2) (1)OpenDrives_-_Product_Sheet_v13D (2) (1)
OpenDrives_-_Product_Sheet_v13D (2) (1)Scott Eiser
 
Computer Forensics chap 3+4.DS_Store__MACOSXComputer Foren.docx
Computer Forensics chap 3+4.DS_Store__MACOSXComputer Foren.docxComputer Forensics chap 3+4.DS_Store__MACOSXComputer Foren.docx
Computer Forensics chap 3+4.DS_Store__MACOSXComputer Foren.docxmaxinesmith73660
 
Lec no. 4 hardware and software basic
Lec no. 4 hardware and software basicLec no. 4 hardware and software basic
Lec no. 4 hardware and software basicJiian Francisco
 
Connecting hw peripheral Presentation1.pptx
Connecting hw peripheral Presentation1.pptxConnecting hw peripheral Presentation1.pptx
Connecting hw peripheral Presentation1.pptxAdilKedir2
 
Improving data confidentiality in personal computer environment using on line...
Improving data confidentiality in personal computer environment using on line...Improving data confidentiality in personal computer environment using on line...
Improving data confidentiality in personal computer environment using on line...Damir Delija
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkitMilap Oza
 

Semelhante a The design of forensic computer workstations (20)

Fs Ch 18
Fs Ch 18Fs Ch 18
Fs Ch 18
 
Role of a Forensic Investigator
Role of a Forensic InvestigatorRole of a Forensic Investigator
Role of a Forensic Investigator
 
Latest presentation
Latest presentationLatest presentation
Latest presentation
 
Embedded presentation
Embedded presentationEmbedded presentation
Embedded presentation
 
ResearchPaperITDF2435
ResearchPaperITDF2435ResearchPaperITDF2435
ResearchPaperITDF2435
 
MASAMUNE Clone Enterprise Edition
MASAMUNE Clone Enterprise EditionMASAMUNE Clone Enterprise Edition
MASAMUNE Clone Enterprise Edition
 
computerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdfcomputerforensics-140529094816-phpapp01 (1).pdf
computerforensics-140529094816-phpapp01 (1).pdf
 
Network
NetworkNetwork
Network
 
Hardware
HardwareHardware
Hardware
 
Hardware and Software Basics With Dr. Poirot
Hardware and Software Basics With Dr. PoirotHardware and Software Basics With Dr. Poirot
Hardware and Software Basics With Dr. Poirot
 
Hwswb
HwswbHwswb
Hwswb
 
02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes02 Types of Computer Forensics Technology - Notes
02 Types of Computer Forensics Technology - Notes
 
Analysis of digital evidence
Analysis of digital evidenceAnalysis of digital evidence
Analysis of digital evidence
 
OpenDrives_-_Product_Sheet_v13D (2) (1)
OpenDrives_-_Product_Sheet_v13D (2) (1)OpenDrives_-_Product_Sheet_v13D (2) (1)
OpenDrives_-_Product_Sheet_v13D (2) (1)
 
Computer Forensics chap 3+4.DS_Store__MACOSXComputer Foren.docx
Computer Forensics chap 3+4.DS_Store__MACOSXComputer Foren.docxComputer Forensics chap 3+4.DS_Store__MACOSXComputer Foren.docx
Computer Forensics chap 3+4.DS_Store__MACOSXComputer Foren.docx
 
Cat info mgt
Cat info mgtCat info mgt
Cat info mgt
 
Lec no. 4 hardware and software basic
Lec no. 4 hardware and software basicLec no. 4 hardware and software basic
Lec no. 4 hardware and software basic
 
Connecting hw peripheral Presentation1.pptx
Connecting hw peripheral Presentation1.pptxConnecting hw peripheral Presentation1.pptx
Connecting hw peripheral Presentation1.pptx
 
Improving data confidentiality in personal computer environment using on line...
Improving data confidentiality in personal computer environment using on line...Improving data confidentiality in personal computer environment using on line...
Improving data confidentiality in personal computer environment using on line...
 
Computer forensics toolkit
Computer forensics toolkitComputer forensics toolkit
Computer forensics toolkit
 

Último

Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 

Último (20)

Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 

The design of forensic computer workstations

  • 1. The Design of Forensic Computer Workstations Presented by John Samborski, CEO Ace Computers Ace Computers 575 Lively Blvd. Elk Grove Village, IL 60007-2013 Contact 877-ACECOMP (877-223-2667) www.acecomputers.com
  • 2. About the presenter John Samborski, P.E. is a recognized expert in forensic information technology, with an extensive history of innovation and thought leadership in system integration. Since founding Ace Computers in 1983, he has aggressively pursued the development of custom, cost-effective products and services in concert with well-known industry leaders. He was a founding member of the Intel Premier Board of Advisors in 2002 and was awarded a life-time position. Ace Computers is one of the largest, oldest, and most respected custom technology developers and builders in the U.S. and holds numerous federal and state level contracts.
  • 3. Evidence … needs to be extractable from electronically stored information (ESI) sources without corrupting that evidence. Properly designed forensic computer workstations help accomplish that goal.
  • 4. What is digital forensics? The acquisition, scientific examination, and analysis of data retrieved from digital devices in such a way that the information can be used in a court of law or for the purposes of the retriever without any disturbance to that evidence.
  • 5. Designing forensic workstations In order to design forensic workstations, the first determination is what types of media need to be forensically read, retrieved from suspect data, and included in the chain of custody.
  • 6. Evidence and accuracy One of the most important steps is to ensure that the evidence has been accurately collected and that there is a clear chain of custody from the scene of the crime, to the investigator, and ultimately to the court.
  • 7. The workstation’s purpose Another key design decision is the workstation’s purpose: data acquisition, processing, or both. Many systems are multi- purpose and can perform forensic data acquisition and processing equally well.
  • 8. Processors and speed Other important considerations are the required processing speed, the number of processors, processor cores, and amount of memory anticipated for the data processing. •Systems are available with 1-4 processors and up to 1TB of RAM. •A popular configuration involves two Intel® Xeon® 6-core (each) processors and 256GB of DDR4 memory. •The number of processors and cores per processor should be determined by the system requirements of the software that will run.
  • 9. The media type Another consideration is the type of media the system needs to acquire data from. Once this is established, the next step is to plan and include write-protected data acquisition methods. The most basic media is a hard drive write-blocked forensic bridge.
  • 10. Write-blocked forensic bridges Write-blocked drive-bay mounted forensic bridges are available for all common hard drive types such as IDE, SATA, SAS, SCSI, IEEE1394 (Firewire), USB and with adapters for using 3.5”, 2.5”, and 1.8” size drives. A write-blocked flash media card reader is also useful for forensically reading media cards such as SD cards, CompactFlash, and others; this prevents the addition of anything to the source data.
  • 11. Read-write considerations A read-only media card reader is best, since it will prevent accidental corruption of the data. A read- write switchable reader can potentially be corrupted, but by using a model that is incapable of writing data, that source of error can be eliminated. It’s simple to add a standard external flash reader/writer to the system. Although it will be obvious to users that this external flash is capable of corrupting data, the internal model should be write-blocked at all times.
  • 12. Optical media Optical media is another common source of forensic data. This media is typically not written to without specialized software, so a standard DVD reader/writer or Blu-Ray reader/writer will perform this work adequately.
  • 13. The storage system Once the data can be read in a forensically safe manner, the data needs to be stored on either a target drive, a RAID array, or both. With the storage system defined, the design of the RAID system or the allowance of destination drive bays needs to be specified.
  • 14. GPU considerations Another decision is whether graphic processing units (GPUs)--for assistance in breaking passwords--need to be included. Normally, systems are shipped with a single graphics card used for display purposes, but users can also leverage the intense processing power of the GPU for assistance in brute-force password cracking through massively parallelized iterative attempts.
  • 15. Higher end graphics cards By using a higher-end graphics card or multiple graphics cards, the forensic system can also be used to shorten the time needed to break a password installed on a system or to open up files which have been encrypted.
  • 16. Password decryption servers Specialized password/decryption servers and clusters with multiple GPU optimized systems designed for 24-7 operation are also available, and are frequently used in the federal market by major government and law enforcement agencies.
  • 17. Ace Computers’ findings Ace Computers has benchmarked numerous platforms and found the optimal design and configuration for the optimal operation of the GPU subsystem for password cracking and it is one of our strongest areas of expertise.
  • 18. The value of a system integrator There are numerous items to consider when designing a forensic workstation and since the system components change often, it is best to work with a systems integrator that is actively involved in the market.
  • 19. What the system integrator does The systems integrator will know how to optimize the design based on the latest software, hardware, and thermal techniques.
  • 20. Integrators for government entities For government agencies, it also makes sense to work with a firm that can custom-design a system to exacting specifications and has popular contracting vehicles available to facilitate the purchase directly without the complications of contracting procedures.
  • 21. Thank you! Any questions? Contact Ace Computers 877-ACECOMP/(877-223-2667) www.acecomputers.com