Tutorial 4: Computer Forensics

If you are one of those people who, like me, enjoy watching crime dramas on television, than you have most likely heard of the term “Computer Forensics.” Special Agent Timothy McGee from the show NCIS has a master’s in Computer Forensics from MIT. But what exactly does that entail?

 http://www.clpex.com/Articles/TheDetail/200299/TheDetail241.htm

The image is non-copyrighted by creator

After researching the field, I hope to pass on to you a little of what I have learned, including:

     1. What is Computer Forensics?  

     2. What are the origins of Computer Forensics?

     3. What data can be collected using Computer Forensics?

     4. What techniques are used to collect this data?

     5. What areas of law relate to Computer Forensics?

     6. What is the RCFL, and where are the locations?

1. What is Computer Forensics?

               Forensics is the process of using scientific knowledge for collecting, analyzing, and presenting evidence to the courts¹. Computer forensic science is the science of acquiring, preserving, retrieving, and presenting data that has been processed electronically and stored on computer media.² Normally Computer Forensics is associated with computer crimes, but the forensics can also be used in civil trials.

2. What are the origins of Computer Forensics?

               During the 80’s when computers were becoming readily accessible to the individual, crimes solely using computers began to appear, including hacking. Computer Firensics was developed in order to recover and interpret digital evidence for use in court proceedings. Kruse and Heiser, authors of Computer Forensics, describe the field as being “more of an art than a science”³.

3. What data can be collected using Computer Forensics?

               There are two typical types of data that can be collected by Forensic Analysts:

1. Persistent data is preserved when the computer is turned off, so it is stored on a local hard drive or other medium.¹
2. Volatile data is lost when the computer is shut off. It is data stored in memory or that exists in transit and is located in registries, caches, and RAM.¹

4. What techniques are used to collect this data?

               There are three normal techniques used to collect data during investigations. These include Cross-drive analysis, Live analysis, and Deleted Files. 

1. Cross-drive analysis: this technique correlates information found on multiple hard drives. The process is still being researched.³
2. Live analysis: the examination of computers from within the operating system.³
3. Deleted files: the recovery or carving out of deleted files. Carving out of deleted data is searching for known file headers and reconstructing the deleted materials.³

5. What are the areas of law relating to Computer Forensics?

               The Fourth Amendment of the Constitution applies to unreasonable search and seizure, while the Fifth Amendment protects against self incrimination. When these amendments were written, there weren’t problems with computers. Nowadays the principles in the amendments can be applied to Computer Forensics and how they are practiced.

               There are three U.S. Statutory laws relating to Computer Forensics. These include the Wiretap Act, Pen Registers and Trap and Trace Devices Statute, and the Stored Wired and Electronic Communication Act.¹

6. What is the RCFL, and where are the locations?

http://www.rcfl.gov/index.cfm
Considered public information:
http://www.rcfl.gov/DSP_Privacy.cfm

               RCFL is a forensics laboratory and training center devoted to the examination of digital evidence that supports criminal investigations including terrorism, child pornography, internet crime, etc. The RCFL combines federal, state, and local law enforcement agencies to seize and collect digital evidence at crimes scenes, conducting impartial exams of computer evidence, and testifying if needed. There are 16 different RCFL’s in the United States, with each serving different areas of the USA.⁴

http://www.rcfl.gov/DSP_P_locations.cfm
Considered public information:
http://www.rcfl.gov/DSP_Privacy.cfm

Hopefully I have been able to give you a little more insight to the world of Computer Forensics! Next time you sit down to enjoy your favorite crime drama, (preferably NCIS), you will understand where the investigators are coming from when referring to Computer Forensics. :)

1. http://www.us-cert.gov/reading_room/forensics.pdf

2. http://www.fbi.gov/about-us/lab/forensic-science-communications/fsc/oct2000/computer.htm

3. http://en.wikipedia.org/wiki/Computer_forensics
4. http://www.rcfl.gov/DSP_P_about.cfm

Microsoft Access Database Project

     Having used an Access Database through work for the last few years, I am very familiar with using a database that is already put together. However, this is the first time I have had any option to actually build my own database.  I didn’t realize how much work actually goes into the creation of a database. Nearly everything that we were instructed to do in this project was new to me. I had not created queries, reports, or forms until this project, but now I think I have the knowledge to keep using the Access Database! I particularly like the query function, I definitely think that it is the most useful and is what makes Access different from the rest of the programs in the Office suite. I also learned why Access is used for databases so frequently. It makes it very easy to organize and find data.

     I thought the database seemed pretty functional to begin with, but I believe it to be quite slack on the amount of data. If it is to be used to keep track of information about the customers, I believe it should contain more fields of data than name, address, begin and end date, birthdates, and gender.  I think that the database should also include the amount paid for membership depending on if it was an individual or family account, as well as phone numbers and email addresses.  By including email addresses the gym would be able to send special offers to their customers, and possibly have the ability to recruit new customers through referrals.

Tutorial 3: Internet Protocol Addresses

     I’m sure everyone has heard of the term IP Address, but does everyone really understand what that term means? I know that I had no clue what an IP Address was, or why it was even necessary until Week 9. After realizing that an IP Address is actually important, I thought it would be interesting to find out more about the concept.

http://www.weblogcartoons.com/category/technology/

(This is a free use image: Permission can be found on http://www.weblogcartoons.com/about/)

     I plan to share with you some of the most interesting information I found along the way. This includes the basic understanding of what an IP Address is, as well as the problems that the Internet Corporation for Assigned Names and Numbers (Icann) are currently facing in regards to IP Addresses. I will also include how to find out what your own IP Address is!

What is an IP Address?

     IP Addresses, otherwise known as Internet Protocol Addresses, are unique numbers that are used to identify a computer. Each computer has a different IP Address, and that allows each computer to talk to one another. The current version of IP Addresses, known as IPv4, look like this: 192.0.2.53 
http://www.icann.org/en/factsheets/factsheet-ipv6-03feb11-en.pdf

     These numbers are normally assigned to ISP (Internet Service Providers) within region-based blocks. That way an IP Address can often be used to give a general location to where a computer is located, basically what region or country it is in.   http://whatismyipaddress.com/

Problems Facing Icann?

     IPv4 was started in 1976 by the Icann. One of the creators Vint Cerf, and his colleagues in the Defense Department were told to decide how many network address space should be given to an experiment connecting computers in an advanced data network. After a year, they decided on 4.3 billion separate network addresses! Of course, each one represents a different device that connects to the internet.

     Unfortunately, within the next 12 to 18 months, they are predicting that each of the 4.3 billion internet addresses will be used! That means the internet as it exists today will have reached full capacity.

http://www.nytimes.com/2011/02/15/technology/15internet.html?_r=1

     In order to counteract the capacity problem, IPv6, (a new version of the method IPv4 which is currently in place), is in trials. Comcast began these trials almost 6 years ago. IPv6 has a 128-bit address space, which is 340 undecillion (or 10^36) addresses, according to Wikipedia. http://en.wikipedia.org/wiki/Names_of_large_numbers

     To give an idea of the scale, if all existing 4.3 billion Internet addresses were contained inside a single Blackberry phone, the new system would fill a container the size of the Earth with Blackberry's each containing 4.3 billion IP Addresses. Comcast has begun customer trials, and is distributing dual mode cable modems that are able to support IPv4 and IPv6.

http://www.icann.org/en/announcements/factsheet-ipv6-26oct07.pdf

(Icann gives permission to use their photos as long as credit is given to the work. The permission can be found at this address: http://www.icann.org/photos/ ) 

     IPv6 has addresses that look like this: 2001:0db8::53, which are written in hexadecimal.

      Hexadecimal is a bit hard to comprehend, but here goes:

      In mathematics and computer science, hexadecimal (also base 16, or hex) is a positional numeral system with a base of 16. It uses sixteen distinct symbols, most often the symbols 0–9 to represent values zero to nine, and A, B, C, D, E, F to represent values ten to fifteen. For example, the hexadecimal number 2AF3 is equal, in decimal, to (2 × 16³) + (10 × 16²) + (15 × 16¹) + (3 × 16⁰) , or 10,995. http://en.wikipedia.org/wiki/Hexadecimal

What is My IP Address?

     If you are wondering what your IP Address looks like, feel free to visit www.WhatIsMyIPAddress.com. When you log onto this website, it shows a map with your general location, as well as displaying your IP Address, City, Region, Country, Connection type, and Internet Service Provider (ISP).

     Included is a screenshot of what I found when I visited this site:

(I have crossed out part of my IP Address)

Screenshots are original by Chelsea Wiseman

     Hopefully now you are able to see the necessity of an IP Address. Being able to see the necessity of an IP Address leads you to see the complexity of the problem facing Icann and IPv4. I was also hoping to make understanding what an IP Address is and how it is important to the future of the internet a little easier to see than what one normally encounters when researching a topic. I hope you enjoyed learning about one of the basic functions of the internet! :)

Secure E-Mail Project

     After receiving the two replies from our professor, I saved a screencapture of my Thunderbird Inbox to show that I successfully completed the project.

All screenshots are original by Chelsea Wiseman

     After researching for companies that use secure email to protect their data, I came across a company that is very successful at providing services to companies that are in need of protecting their data. This company is Zix Corp, and they have numerous customers. I found an article concerning the partnership between ZixCorp and Lockton, INC which is a insurance broker. The two have teamed up with healthcare organizations to provide them with secure data exchange.

The article can be found at: http://www.lockton.com/News-Releases/Lockton-and-Zixcorp-Help-Healthcare-Industry-with-Cyber-Liability

     ZixCorp and Locton, INC provide healthcare organizations that have cyber liability insurance coverage with ZixAuditor®, which shows organizations' exposures to data breaches and outsourced risks. This helps heathcare organizations comply with the Health Information Technology for Economic and Clinical Health Act (also known as the HITECH Act).

     Any breaches of personal healthcare information can damage a company’s reputation, as well as their financial well being. With ZixAuditor organizations are able to identify vulnerabilities in their email, as well as implement better procedures and monitor outgoing communications to determine compliance effectiveness.  The ZixAuditor service helps manage risks that companies might encounter with sensitive email exchanges.

     According to Lockton’s employee Emily Freeman, “The HITECH Act places huge responsibilities for cyber liability on healthcare companies, even if a data breach does not occur on their premises or is not caused by their own employees…” (http://www.lockton.com/News-Releases/Lockton-and-Zixcorp-Help-Healthcare-Industry-with-Cyber-Liability) The need for secure email and data exchange is ever growing, and ZixCorp is always there to help companies in need of protection. 


     Knowing very little about secure email exchanges, and their importance in the business world, I was pleased to be able to do this project! Now that I know how to secure my emails, I don't think I will have to worry anymore about sending data to people and having it compromised. I think this project is very handy for any up and coming business student! :)

     

Presentation Project: Goliath and Bebe's World

     Being an animal lover, I chose to do my project on the nonprofit company Goliath and Bebe’s World which is a dedicated no kill animal shelter. I really enjoyed this topic because it gave me an opportunity to discover more about the company. Enjoy! http://www.slideboom.com/presentations/313898/Goliath-and-Bebe%27s-World

     In my self-critique, I will admit to being very honest with myself. I believe the flow and sequence of content was very organized, and moved logically from one topic to the next so that the presentation was easy to follow. I included quite a bit of information, which I believe helped to answer questions before they were asked. After reviewing my presentation numerous times, I believe that I was able to answer most question people would have.  Most people are attracted by the site of cute animals, and I used that in my presentation. By including numerous pictures of dogs and other animals that are in need of help at the shelter, I believe the viewer’s attention is grabbed successfully in the first 30-60 seconds.

     I didn’t seem to ask many questions throughout the presentation, but I believe I included a significant amount of information so that the viewer knew everything that was important. I believe I was able to spark the viewer’s curiosity by incorporating pictures, and very real facts of the danger the shelter is in. I validated all my information and media by including all the links to where the information can be found.

     After proofreading my presentation, I was able to successfully avoid inconsistencies and errors, as well as typos and unbelievable claims due to the fact that all my information had cited resources. On avoiding clutter, I was not as successful. I believe my slides are in fact a little cluttered, but I felt the information included was very important and needed to be there. To ensure readability, I made sure the font was large and evenly spaced, and in colors that stood out among the background. Unfortunately, my computer is quite old, and therefore it doesn’t have a microphone. Therefore, all the information has to be read off the slides except for the video I included made by the shelter.

     By critiquing someone else’s presentation, I was able to better see what needed to be fixed in my presentation. I noticed small errors in my presentation I wouldn’t have originally caught. I thought it was a great opportunity to allow us to critique a peer’s presentation because both the author and the peer critiquing the presentation were able to improve on their own project.

     In business, presentations are very common. Getting up in front of a group of executives and giving a horrible presentation makes you and your company look bad.  Having the tools for creating appropriate presentations is priceless for an employee who is looking to make an impact in the business world.  This project, including the self evaluation, taught me that making clear, concise, and interesting projects is a must in order to present information clearly. Doing a self evaluation for the first time, I realized that looking at my presentation from an outsider’s point of view gives me a much better perspective on how my presentation will be seen, which will save me much embarrassment at go time!

Tutorial 2: Microsoft Excel Basics

     The Microsoft Office Suite is loaded with useful programs, including word processing, spreadsheets, note taking programs, and even an e-mail application. The most useful program I have used is Microsoft Excel, which is the spreadsheet application.  Excel by definition, is: “a commercial spreadsheet application written and distributed by Microsoft for Microsoft Windows and Mac OS X. It features calculation, graphing tools, pivot tables and a macro programming language called Visual Basic for Applications”. 

http://en.wikipedia.org/wiki/Microsoft_Excel

     The amount of information that can be contained in just one excel worksheet is staggering! I’ve included some interesting facts about the exceptional amount of information that can be entered into Excel 2007.

**One spreadsheet file can contain more than 1,000 worksheets

**Can have more than 16,000 columns and more than 1 million rows

** More than 17 billion cells

     The most useful function on Microsoft Excel is its ability to use many different functions and formulas to automatically calculate just about anything you could need. However, in order to get accurate answers, there is a certain way that formulas and functions must be typed into the Excel spreadsheet. In order to understand the correct way to input information into a spreadsheet, there are basic terms one needs to be familiar with. 

     After learning the basics, Excel will almost instantly become one of your favorite tools!

     Here are some terms to keep in mind while using Excel:

1. Spreadsheet: Allows users to organize data in rows and columns and perform calculations on the data

2. Cell: The intersection of a row and column  

     **Cells can contain three types of data: Labels, values, and formulas

3. Worksheet: The rows and columns are collectively called a worksheet

4. Workbook: A collection of worksheets

5. Label: The text in a cell that identifies the worksheet data and helps to organize the worksheet

6. Value: A number in a cell that can be used in a calculation

7. Formula: Performs calculations on the data in the worksheet and displays the resulting value in a cell, usually the cell containing the formula.

8. Function: Predefined formula that performs common calculations such as adding

     **When inserting a function, an = must always be the first character.

Here is a worksheet, with some main parts highlighted for clarification:

     There are four formulas I seem to use more often then most when analyzing data in Microsoft Excel. They include Summation, Average, Minimum, and Maximum. Below are definitions of the formulas, complete with screen shots providing examples. The data I have chosen to help show the formulas consists of ten students fictitious test scores.

1. SUM: The SUM function takes all the numbers in a specified range and adds them together. For example, for data in the example, the syntax would be =SUM(A2:A11)
 

2. AVERAGE: Provides the average of a range of numbers. In the example above, the syntax would be =AVERAGE(A2:A11)

 

3. MINIMUM: Provides the smallest number in a set of values. In the example above, the syntax would be =MIN(A2:A11)

4. MAXIMUM: Provides the largest number in a set of values. In the example above, the syntax would be =MAX(A2:A11)

     Using these different function to analyze data make it easy to determine what parts of the data are significant and what parts are not. The evolution of spreadsheet applications save tons of time and make it possible to analyze the data in ways that couldn't be done before. The best way to be able to use Microsoft Excel to its full advantage is to first understand the basics, which I hope is a bit clearer now! :)

All screen shots are original by Chelsea Wiseman.

Excel Project

     The Excel Project that I completed consisted of a scenario about the job I have at a large fitness center, and the research my boss is collecting on the effectiveness of a particular workout. The data I have contains the age, sex, and heart rate measurements of 500 test subjects through a 15 minute workout and 5 minute cool down. This assignment uses many different aspects of Excel, including some that I am not familiar with, even after taking an Excel class back in community college.

One of the skills used in this project included formatting some of the raw data:

•                Freeze panes: The locking of certain rows or columns so they are always displayed no matter where you scroll on the worksheet.

•                Formulas: Using formulas to calculate the Maximum Heart Rate, the Target Heart Rate, the Highest Heart Rate Achieved, whether or not the Target Heart Rate was achieved, and the Percentage Increase in the Heart Rate.

•                Page Layout Formatting: Changing the print setup to display all columns across a single page, printing certain rows at the top of every page, and headers and footers.

Another skill used in this project was data analysis of some of the raw data:

•                Pivot Tables: Pivot tables are a feature in Excel that I have not had the ability to work with yet. However, they are a feature I will use as often as possible! A pivot table is an excellent way to summarize data from a multitude of subjects. They manipulate the data into any form wanted in order to compare any number of characteristics against each one another. For example, here is the screenschot of my AvgIncrease Pivot Table:

     The Pivot Table compare the Average of the Percent Increase of Heart Rate in three decades of subject ages to whether they were male or female. This table shows that 89.3% of males and females age 20-29 increased their heart rate. This is much more easily calculated using a Pivot Table rather than computing by hand or by a single formula.

     Having used Excel for a few years now, I have discovered it to be one of my favorite programs. I love how I am still able to find new feature after all this time! This project really helped to refresh my skills and learn new ones.