The document outlines procedures for handling encrypted files as evidence, emphasizing the importance of creating forensic images and maintaining chain of custody to ensure integrity. It also discusses ethical norms in forensic investigations, highlighting the need for privacy, neutrality, and proper authorization, while warning against potential violations. Additionally, it explains Locard’s Exchange Principle and its application in tracing digital interactions related to evidence.
Ekrama ETI Assignment 4 (22203C0010)
DEPARTMENT OF COMPUTER ENGINEERING

Subject: ET
Subject Code: 22618
Semester: 6th Semester
Course: Computer Engineering
Assignment No.: 04
Name of Subject Teacher: Prof. Vaishali Malkar
Name of Student: Ekrama Ansari
Roll Id: 22203C0010

Problem 1: Evidence Handling and Chain of Custody
1. Steps to Authenticate and Validate Encrypted Files as Evidence:
- Identify the encrypted files using forensic tools and note their locations.
- Create a forensic image of the device to prevent altering the original evidence.
- Generate cryptographic hash values (e.g., SHA-256) for integrity verification.
- Document all relevant metadata such as file name, size, timestamp, and encryption details.
- Use authorized methods to attempt decryption; log all actions taken.
- Verify decrypted content using hash comparisons and contextual analysis.
- Ensure the original evidence is preserved in a secure and unmodified state.

2. How Chain of Custody Ensures Integrity:
- Tracks every individual who handled the evidence.
- Records the time, date, and purpose of each evidence transfer.
- Prevents unauthorized access or tampering.
- Validates the authenticity of evidence in court.
- Breaks in the chain can result in inadmissibility or credibility loss.

3. Challenges in Handling Volatile Evidence on a Smartphone:
- Risk of data loss due to device shutdown or automatic memory clearing.
- Potential for remote wipe commands or malware that destroys evidence.
- Strong encryption and screen locks that prevent access.
- Time-sensitive data (like RAM contents or open app states) may disappear quickly.
- Legal or logistical delays in seizing and analyzing the device.

Problem 2: Applying Ethical Norms in Forensic Investigations
1. Ethical Norms to Follow:
- Respect privacy and access only case-relevant data.
- Maintain neutrality and avoid bias during analysis.
- Accurately document all findings and actions taken.
- Operate within legal boundaries and obtain proper authorization.
- Secure all evidence to prevent unauthorized changes or access.

2. Possible Ethical Violations and Their Consequences:
- Accessing personal or irrelevant files may violate privacy laws.
- Altering or fabricating evidence can result in legal penalties and dismissal of the case.
- Breach of confidentiality may lead to reputational damage or lawsuits.
- Performing an investigation without proper authorization can render all findings inadmissible.
- Bias in reporting may mislead the legal process and harm the investigation's credibility.

3. Application of Locard’s Exchange Principle:
- Any interaction with company data likely leaves digital traces, such as access logs or file copies.
- Analysis of device logs, email, and cloud storage can show data movement or theft.
- Metadata may reveal file modification, creation dates, and user account involvement.
- USB and external device history may prove data export.
- Digital footprints like login times, IP addresses, and system events can link the suspect to the misuse.

Grade | Process Related (15) | Product Related (10) | Dated Sign and Dated Signature of Teacher