Forensics Analysis

Forensic Investigations, Discovery, and Analysis

Litigation Support

 

International Consultants & Investigations offers

Computer Forensics For Investigations supporting

Law Firms, Corporations, Government

 

Preservation and analysis of electronic

evidence using methods acceptable in courts of law

 

FORENSIC: Relating the application of scientific

knowledge to legal problems

 

SCIENTIFIC METHOD:  Principles & procedures for the

systematic pursuit of knowledge involving recognition

& formulation of a problem, collection of data

through observation and experiment , and

formulation & testing of hypotheses

 

PRESERVATION

Documentation

             Chain-of-custody

             Acquisition

Goal: Preserve w/o impact

Reality: Understand impact

Write-block when possible

 

AVANCED PRESERVATIONS

               Live systems      

               Networks

               The “Cloud”

               What about data security?

 

DATA SECURITY

            TrueCrypt

             File, device, and boot volume encryption

             Lots of flexibility, extremely powerful

             Open source

ANALYSYS

                Data carving

                Internet history

                Removable storage activity

                Document metadata

                Evidence spoliation

                Malware identification

SAMPLE TOOLS

                EnCase / EnCase Enterprise

                Forensic Toolkit (FTK)

                ProDiscover IR

                X-Ways Forensics

                SANS SIFT

                CelleBrite

 

SPY SOFTWARE

Spy software detection

                Browse “Program Files”

                Antivirus?

                Configuration Review

                Known Hash Values

                Software Remnants (Post-Uninstall!)

                Log entry carving

Remote access software used for spying?

                Windows Remote Desktop, LogMeIn, VNC,

                GoToMyPC, Screen Sharing, Back to My Mac

 

LOG ME IN REMNANTS

Remnants of spy and remote access software can

be exported from live files and carved from

unallocated space:

 

GPS

Many GPS devices have readily accessible

storage which can be forensically preserved

Others may require vendor assistance

Live data can be plotted on Google Earth

Deleted data can be plotted as well once it’s

identified and extracted properly

 

 

 

consulting

 

 

International Consultants & Investigations - Forensics
financialinvestigators
Home Page
Earl R. Johnson, D.M. CII
President

King V. Cheek, JD/LLB
Executive Vice-president

Troy Wilkinson
Executive Vice-president of
Cyber Security Services

William J. Reilly Jr. 
Vice-president

Robert Holguin, MBA
Division Head
Special Projects, Technical Consultant

Stephen R. Green, MA
Division Head
Securities—Financial Fraud

Wes Doss
Director Training

Donald Amaeshi, MA.
Director, Africa, Europe Division.

Abdulhamied Alromaithy, Ph.D.
Director, Middle East Division.

 

investigator licensed shield
New York State License
New Jersey State License
Council of International Investigators
Member - Council of International Investigators

ICI maintains an international network of operatives to assist in investigations, recovery, security, bank activities, confidential guidance and assistance in dealing with arbitrage transactions.
ICI offers services in foreign languages as: Spanish, French, Russian, and Chinese.

©2002 - 2010 Copyright International Consultants and Investigations, Inc — PrivacyPolicy
WebMaster Bob Holguin