Sunday, July 10, 2011

SECTION 79A OF INFORMATION TECHNOLOGY ACT (AMENDMENT) 2008

Section 79A of the Indian Information Technology Act (Amendment) 2008 has made provision for the creation of a Government Examiner of Digital Documents, to examine the digital (electronic) evidence deposed by various investigating agencies. So far no organization has been declared or created. Why are the authorities silent? Who should take the initiative? Is it the Directorate of Forensic Science Services (MHA) or CERT-In?

Saturday, May 21, 2011

sastry-cyber forensics: TRENDS IN CYBER FORENSICS


Friday, May 20, 2011

TRENDS IN CYBER FORENSICS

In India, cyber forensics is seen more as a reactive tool, used to investigate the chain of events once the crime occurs. But the need of the hour is to use it as a proactive tool to stop cyber crime and cyber terror attacks. Hence, a two-way, proactive and reactive, consolidated model needs to be put in place to track terrorist activities and curb criminals. Proactively, regular monitoring and collection of evidence through 'packet' level forensics will help to pick up the indicators and triggers before the actual event takes place and generate intelligence inputs for agencies to investigate further. Reactively, detailed post-event forensics, carrying out forensic analysis of routers, mobile phones, laptops etc., will provide insight into how cyber criminals are operating. Currently, the cyber forensic labs in India are capable of only off-line or postmortem analysis of digital evidence (popularly called Media Forensics). The need of the hour is to develop expertise and capabilities in the following areas:
  1. Real-time collection and analysis of network traffic to prevent cyber crime and cyber attacks on national critical information infrastructure (called Network Forensics).
  2. Forensic analysis of iPods, GPS, satellite phones and other navigation phones (called GPS Forensics).
  3. National grid computing facilities for cracking lengthy passwords and for decrypting encrypted information.
  4. Forensic analysis of large databases, cloud computing forensics, mainframe forensics.
  5. Forensic analysis of routers, hubs and switches to identify rootkits, Trojans and other malware programmes and to identify IP router attacks.
  6. Forensic analysis of wireless communication devices.
  7. Mobile laboratory forensic analysis facilities for imaging the suspected storage media at the scene of crime and for cyber crime-scene management.
  8. Forensic analysis of data hidden using encryption, steganography and other data-hiding techniques.
  9. Forensic analysis of pre-programmed chips which are a part of guided missiles, satellites and defense equipment, to identify any malware programmes (called Embedded Forensics).
  10. Multi-lingual analysis of the network traffic and the storage media for timely identification of cyber crimes committed by non-English speaking criminals.

PLEASE SUGGEST SOME MORE IDEAS FOR DEVELOPING CYBER FORENSICS IN THIS COUNTRY