|
|
Overview
The 3rd China Computer
Forensics Conference (annual conference 2007), co-organized by Beijing
Institute of Forensics, China Institute of Defense Science and Technology,
China Computer Forensic Research Team, International High Technology Crime
Investigation Association Asia Pacific Chapter, Association of Certified
Fraud Examiners Hong Kong Chapter, Information Security and Forensics
Society Hong Kong Chapter, will be held in Beijing on June 25 - 29, 2007. The topic of
this Conference is "Computer Forensic and
Investigation into White-Collar Crime, Business Fraud and High-Tech
Crime".
China
Computer Forensics Conference is a high-level and new-perspective annual
gathering of international academics and professionals, aiming at
facilitating the development of advanced computer forensic technology both
domestically and internationally, as well as spreading technical
experience and promoting communications amongst computer forensic
practitioners, law enforcement professionals and experts in the related
fields. The first two conferences have been very successful and
contributed to the development of computer forensic technologies, with the
topics respectively focusing on legislations and regulations, data
restoration, data mining and integration, evidence preservation, and
investigation of computer forensic and its technologies.
As the result of the continued development of new technologies
internationally and the increasing domestics demand, this Conference will
further expand the coverage by providing more presentation topics so as to
further absorb new technologies, meet new demands, and realize better
corporation with international institutions and law enforcement agencies.
Apart from relevant domestic academics and professionals, those who will
attend the conference also include practitioners from the fields of
finance, education, business consulting and investigation, and IT
information security, as well as experts and scholars from more countries
and regions. The Conference has gradually become an international
conference from a domestic professional meeting.
In addition, workshops with different topics are added to this Conference
to provide the participants with an opportunity to learn the skills of
using advanced software and hardware in computer forensic, to acquire
high-level and practical techniques, and to communicate with international
professionals face to face.
The
rapid development of science and technology and the great increase in the
number of computer-related crimes result in the urgent need to enhance
researches, strengthen regulations and procedures, and facilitate
legislations on computer forensic and its related fields. It is believed
that China Computer Forensics Conference will have a more far-reaching
impact on the development of China's computer forensic technology.
Keynote Speech: The future of
High-Tech
Investigations
– Evolution or Revolution
Mr. Paul Jackson,
Vice
President HTCIA Asia Pacific
Chapter.
Abstract:
IT Crime investigation skills and
techniques are in their infancy when compared with traditional policing
issues. Yet, even in this brief existence, we are already on the brink of
further major changes in practices and methodologies in this field. Is
this a natural evolution, or do we need to re-think the whole enforcement
approach?
This talk will explain the
evolution process and show the trends which indicate that wholesale
changes will be required in the future. Law Enforcement and private
industry alike will face huge challenges which can only be met through a
dynamic training, procedural and legal process.
Internet Piracy and Forensics
Mr. Michael
Kwan
Council Member of Information Security & Forensics
Society
Manager of the Computer Forensic Laboratory, Hong Kong Customs
& Excise Department
Abstract:
The Internet era enabled communication and
information exchange on a global scale. In recent decade, Internet usage
has become popular and with high penetration rate. Music, books, movies,
software, games, speeches, research papers - everything is now being
transformed to digital format and traded on the Internet. However, this
also opened the door to copyright infringement on a global scale.
This talk will try to shed light on the
technological causes of copyright infringement on the Internet. Through
the illustration of the operation of a peer-to-peer protocol (the
BitTorrent), the speaker will also highlight some computer forensics
issues in regard to Internet piracy.
Fraud
Examination
Mr. CK Cho,
President of
ACFE Hong Kong Chapter
Abstract:
Legal and
practical issues relating to the conducting of fraud and corruption
investigations in Hong Kong, including discussions of legal elements of
computer related crimes.
Legal elements of
fraud, corruption and computer related crimes in Hong Kong Investigatiive
powers and collection of evidence on computer related cimes. Relevant
court decisions and case studies will be considered.
White
collar crime - Global reality and how to fight it
Mr. Eddie
Sheehy,
CEO, Nuix Inc. Australia
Abstract:
The United States
Bureau of Federal Investigation estimate white collar crime to cost their
country over $300 billion each year. White collar crime is a growing
reality across the world, often made up of complex and sophisticated
actions by individuals and/or companies. A real dilemma exists for
Government and corporate organisations who recognise the massive cost on
society, the marketplace and shareholder value. Although they wish to stop
these crimes and bring perpetrators to justice - it can be a
time-consuming, expensive and without insider knowledge - it can often be
a fruitless activity.
Eddie Sheehy, CEO of Nuix,
the world's leading forensic email and data analysis software, will
provide a fascinating global snapshot of white collar crime and explain
how leading organizations - both public and private - are cost-effectively
identifying, investigating and prosecuting it. He will trace the routes of
combating white collar crime from the computer forensic investigators,
into the Government regulators and ultimately into the legal and court
environments. He will offer some real-life case studies and examples from
sectors including government and regulatory, legal, corporate and computer
forensics.
Computer forensic case studies: Examples
of the digital smoking gun
Ms. Carole L.
Longendyke
Director of Forensic and Investigation Services of Grant
Thornton
LLP,
Abstract:
Although the use of digital forensics in criminal investigations and civil
litigation has increased dramatically in recent years, the science has not
yet become standard process by lawyers and fraud investigators. This
may be due to the lack of technical understanding, but is more likely due
to the lack of awareness of its value. Whatever the reason may be,
the result is that many lawyers, litigants, and investigators are missing
tremendous opportunities to find the evidence needed to achieve victory in
court. This eye-opening session will cover real case studies of
legal matters, both criminal and civil, that have hinged on the collection
and interpretation of electronically stored information.
Mobile Phone Forensics - The End of Another Black
Art?
Mr.
Kevin Mansell,
Control-F Ltd.
(UK)
Abstract:
Mobile phone forensics is
coming of age. With a rapidly growing community of practitioners around
the world, phone forensics is transitioning from a "black art" to a
respected discipline with recognised good practice. Is your organisation
properly exploiting the power of mobile phone evidence?"
Counter-Forensics - The methods being used to
defeat Computer Forensic Examiners
Ben Pasco BSc
PhD
Director - Forensic Technologies , Ferrier Hodgson - Hong
Kong
Abstract1:
Financial
Statement Fraud by listed MNCs is considered the most destructive of all
types of White Collar Crime as it affects people at all levels and usually
in many countries.
To make matters worse,
current audit practices are totally ineffective in preventing and
detecting fraud; they are carried out by accountants for accounts to meet
regulatory requirements set by accountants. The stakeholder is totally
ignored. In fact, recent history has shown that the bigger the audit firm
the larger the value of the fraud.
The major stakeholders, e.g. banks, lenders and other
financial institutions have noted this and have engaged a number of
non-audit, hence independent, forensic accounting firms to represent their
interests and look into matters for them as they arose. The success of
these engagements has now led the same stakeholders to engage the same
firms to look into fraud preventative measures that can be implemented and
monitored.
For obvious reasons, every
forensic deployment involves the examination of computers and often in the
past, some of the financial evidence that resides on these computers is
overlooked by ex-law enforcement examiners, simply because they don¡¯t
understand the significance of the evidence. This is because the nature of
Computer Forensics in law-enforcement has fundamentally remained
unchained.
The private sector on the
other hand has responded to these shortfalls and is growing out of
Computer Forensics and evolving into Forensic Technologies, which
currently encompasses Computer Forensics, Electronic Discovery and Data
Analysis.
This evolution has also
resulted in broadening the recruiting base for forensic examiners from law
enforcement and military, to forensic accountants, lawyers and other
related professions, thus creating a rich combination of skill sets in the
profession.
This presentation will show
how an integrated Forensic Technologies approach has greatly assisted the
stakeholders of listed MNCs to prevent, detect and prosecute
fraud.
Abstract 2:
Countering computer forensic examinations is not new, however
the tools that have been developed are highly disruptive to examiners and
the tools that are in development will make current methodologies
obsolete.
Some of these tools are
starting to show up in the region making the examination of computer
activity extremely difficult, and when the new tools are launched;
forensic methodologies must be ready to meet the
threat.
This short presentation will
highlight the areas of concern and stimulate thought with the aim of
developing solutions for the future.
Latest features of X-Ways Forensics
Mr. Stefan Fleischmann,
CEO,
X-Ways Software Technology AG, Germany.
The focus of this workshop is to provide
:
the most important features in X-Ways
Forensics, such as
- creating images, creating a case, adding images
- understanding the directory browser
- refining the volume
snapshot
- finding more deleted files, embedded files, and hidden data
- finding inappropriate pictures
- e-mail analysis
- using the
hash database
- running keyword searches, indexing
-
creating/using evidence file containers
- reassembling RAID 0, RAID 5
- creating a report
- collaboration model for computer specialists
and other investigators
Network Forensics: The New Frontier of Digital
Investigations
Jean-Fran ois
Legault, M.Sc.
Senior Manager - Analystic & Forensic
TTechnology
Deloitte & Touche LLP, Montreal, Canada
Abstract:
Forensics
has become an important part of many fraud investigations.
Investigators will seize and analyse hard drives and other storage media
looking for evidence related to the case they are
investigating.
But there are other sources of information that
reside on the network. These may provide additional insight to the
investigator and assist him in understanding the events which occurred by
shedding a new light on previously acquired
information.
Principles of network forensics can be applied to a wide variety of
investigations ranging from fraud to theft of trade secrets.
Participants will learn how network forensics can provide additional
information to build and prove their cases.
Workshop:
Network forensics for digital
investigations
Computer forensics has become an essential part
of many fraud investigations with investigators collecting and analyzing
hard drives and other storage media looking for evidence related to the
case at hand. But one must remember that most business activity
conducted today is done over some form of a network or another and this
activity does leave a trail. Collecting and analyzing this
information can provide additional insight into the events being
investigated.
This workshop will explain how investigators can take advantage of
network forensics as part of their investigations, focusing on log and
network data analysis. It will also examine how compliance officers
and auditors can further their security programs through network
forensics.
The focus of this workshop is to provide
participants
with:
A
technical understanding of network based
evidence
The
ability to identify relevant sources of
evidence
Methods
to identify and improve the evidence available to
them
Tools and
techniques for collection and analysis
The programme will
include:
Technical primer
Sources of network based
evidence
Identify gaps and building a data retention
program
Collecting network based
evidence
Analyzing network based evidence
Who should
attend:
Investigators
Compliance
officers
Incident
responders
Auditors
Forensic Investigations Tools – Encase v6
Mr. Frank Butler,
Director of
Business Development Training Division, Guidance Software.
(US)
Preparing your
Workstations for Digital Evidence 
BJ
Gleason
University of Maryland, University College, Asian
Division
Abstract:
More crimes than ever before are leaving a trail of digital evidence
behind. However, if an organization is not prepared to recognize,
preserve, collect, and analyze this evidence, the criminals may never be
caught. Now, more than ever, organizations need to take a proactive
approach and start integrating digital forensics processing into their
standard operating procedures. However, by the time investigators arrive
at the scene of the digital crime, the evidence often has been wiped
clean. This paper examines the issues and difficulties faced by
organizations trying to incorporate digital forensics into the work
environment. The author also proposes a new methodology for collecting and
preserving potential evidence before an incident even
occurs.
 
|
