29
Cyber Forensics in C-DAC Apr 21, 2022 Resource Centre for Cyber Forensics 1
Cyber Forensics in C-DAC
Apr 17, 2023 Resource Centre for Cyber Forensics 1
Apr 17, 2023 Resource Centre for Cyber Forensics 2
Technical Resource Centre
• Establishment of Technical Resource Centre Establishment of Technical Resource Centre (TRCCF) to follow up the implementation of IT (TRCCF) to follow up the implementation of IT ACT 2000 of ACT 2000 of Government of India Government of India
• Indigenous development of Disk and Network Indigenous development of Disk and Network Forensics ToolsForensics Tools
• Expert Technical Services to Law Enforcement Expert Technical Services to Law Enforcement Agencies such as Forensic Analysis, Agencies such as Forensic Analysis, Authentication and Evidence presentationAuthentication and Evidence presentation
• Training to personnel of Judiciary, Police and Training to personnel of Judiciary, Police and other Law Enforcement Agencies & Public and other Law Enforcement Agencies & Public and Private Private Corporates on Cyber ForensicsCorporates on Cyber Forensics
Apr 17, 2023 Resource Centre for Cyber Forensics 3
TRCCF Achievements
Successfully developed the country’s first set of indigenous Cyber Forensics Tools CyberCheck Suite comprising of TrueBack, CyberCheck and Email Tracer
Over 50 licenses of the product supplied to several Law Enforcement Agencies in the country (CBI, DFSL, ACSE)
Conducted a number of training programs to LEA (Police, Judiciary)
Assisted LEA in analyzing over 20 Cyber Crime cases
Apr 17, 2023 Resource Centre for Cyber Forensics 4
Resource Centre
The success of the TRCCF project and the request for new features and facilities from end users prompted DIT to setup a Resource Centre for Cyber Forensics at C-DAC, Thiruvananthapuram.
ObjectivesTo establish Resource Centre for Cyber Forensics (RCCF) for enhancing cyber forensics tools already developed as well as carrying out new developments, while meeting the requirements of the Law enforcement agency.
Apr 17, 2023 Resource Centre for Cyber Forensics 5
RCCF – Achievements
DeviceAnalyst Suite – Device Forensics Tools
• PDA Imager & Analyzer – Tool for imaging and analyzing PDA contents
• SIM Card Imager & Analyzer – Tool for imaging and analyzing GSM SIM Card contents
• CDR Analyzer – Tool for analyzing Call Data Records
Cyber Forensics Hardware Tools
• TrueImager – High speed H/W based Disk Imaging Tool
• TrueLock – H/W based drive lock for write protecting IDE/SATA disks
RCCF and E-learning Portal : www.cyberforensics.in
Apr 17, 2023 Resource Centre for Cyber Forensics 6
RCCF – Achievements
Training
Conducted 18 training programmes to leading Law Enforcement Agencies and Judiciary
Technical Services
Received material objects involved in more than 150 cyber crime cases and submitted reports on 93 cases after analysis.
Apr 17, 2023 Resource Centre for Cyber Forensics 7
RCCF – Other Achievements
Expertise has been built up to tackle new development challenges in Cyber Forensics and Cyber Crime Analysis.
Well equipped lab setup with facilities for analyzing most types of cyber crimes.
About 75 copies of CyberCheck Suite have been supplied to different Law Enforcement Agencies of the country during the period of the RCCF project.
Enrolled as an Associate Member of National White Collar Crime Centre (NW3C), USA.
Apr 17, 2023 Resource Centre for Cyber Forensics 8
RCCF – Outcome
Development of Cyber Forensics tools comparable to international tools like ENCASE.
Deployment and usage of these tools by leading Law Enforcement Agencies like CBI, IB, State Police Departments and Forensic Science Labs. CBI is using our tools extensively for training.
Analysis of very important cyber crime cases using the developed tools.
Apr 17, 2023 Resource Centre for Cyber Forensics 9
Enterprise Forensics
ObjectivesObjectives
•Design and development of Enterprise Design and development of Enterprise Forensics SystemForensics System•Development of Advanced Cyber Forensics Development of Advanced Cyber Forensics Hardware and Software ToolsHardware and Software Tools •Setting up Virtual Training EnvironmentSetting up Virtual Training Environment
Apr 17, 2023 Resource Centre for Cyber Forensics 10
Enterprise Forensics- Achievements
Cyber Forensics Software Tools
a. CyberCheck Ver 4.1
b. MobileCheck Ver 1.0
c. Forensic Data Carver (F-DaC)
d. Forensic Registry Analyzer (F-RAN)
e. Forensic Thumb Nail Extractor (F-TEx)
f. TrueBack Forensic Edition (Windows and Linux)
g. Windows Live System Imager and Analyzer (WinLift)
Apr 17, 2023 Resource Centre for Cyber Forensics 11
Enterprise Forensics- Achievements
Cyber Forensics Hardware Tools
a. TrueImager Ver 2.0 (Handheld Imaging tool)
b. TrueBackBridge (for Imaging computers without physically opening them)
c. TrueTraveller (portable forensic toolkit)
Apr 17, 2023 Resource Centre for Cyber Forensics 12
Enterprise Forensics- Achievements
Enterprise Forensics System
Designed and developed an Enterprise Designed and developed an Enterprise Forensics tool for carrying out forensics on Forensics tool for carrying out forensics on remote systems in a networkremote systems in a network
Apr 17, 2023 Resource Centre for Cyber Forensics 13
Enterprise Forensics- Achievements
Virtual Training Environment
Setup a Virtual training environment and Setup a Virtual training environment and developed modules (including practical developed modules (including practical sessions) for carrying out training in Basic and sessions) for carrying out training in Basic and Advanced Cyber Forensics using this Advanced Cyber Forensics using this environment. The system has been successfully environment. The system has been successfully used in various training programmes.used in various training programmes.
Apr 17, 2023 Resource Centre for Cyber Forensics 14
Enterprise Forensics- Achievements
• 42 Copies of Cyber Forensics Tools developed at RCCF supplied to IT Centre, Damascus, Syria setup by Ministry of External Affairs, India. Order value is Rs. 46.2 lakhs.
• MCTE, MHOW placed an order worth Rs 22 lakhs for Cyber Forensics tools and training.
• RCCF participated in the Cyber Forensics Challenge organized by the Cyber Crime (DC3) cell of the US Department of Defence and was ranked 12 among non – US participants.
Current Activities
• Design and Development of BitLocker Decryption tool
• Design and development of ISCSI based forensic tool
• Design and development of Photo Forensics tool
• Design and development of Language Identification tool
• Design and development of Virtual forensics tool
• Design and development of Mobile Phone Hardware tool
• Porting of existing tools to 64 bit environment
Apr 17, 2023 Resource Centre for Cyber Forensics15
Main Objectives of RCCF
1. Design and development of cyber forensics tools
2. Technical Support – Consultancy and Analysis of cyber crimes
3. Training on Cyber Forensics
Forensic Tools developed by C-DAC
Disk Forensics Tools
TrueBack – Disk Imaging Tool
CyberCheck – Data Recovery and Analysis Tool
Network Forensics Tools
CyberInvestigator – Forensic Log Analyzer
NeSA on Linux – Network Session Analyzer
EmailTracer – Tool for tracing sender of email
Live Forensics Tools
WinLift - Examining and analyzing live systems
Enterprise Forensics
EFS - Enterprise Forensic System Tool
Apr 17, 2023 Resource Centre for Cyber Forensics17
Forensic Tools developed by C-DAC
Free Forensics Tools
F-RAN – Forensic Registry analyzer
F- DAC – Forensic Data Carver
F-TEx - Forensic Thumb Nail viewer
Device Forensics Tools
• PDA Imager & Analyzer – Tool for imaging and analyzing PDA contents
• SIM Card Imager & Analyzer – Tool for imaging and analyzing GSM SIM Card contents
• MobileCheck –Software for forensics of mobile phones
Apr 17, 2023 Resource Centre for Cyber Forensics18
Forensic Tools developed by C-DAC
Cyber Forensics Hardware Tools
• TrueImager – High speed H/W based Disk Imaging Tool
• TrueLock – H/W based drive lock for write protecting IDE/SATA disks
• TrueTraveller – Portable Forensics kit• TrueBackBridge – Device to seize/image computers
without physically removing the hard disk.
Apr 17, 2023 Resource Centre for Cyber Forensics19
Apr 17, 2023 Resource Centre for Cyber Forensics 20
Main Achievements
Within a very short period, the Resource Centre for Cyber Forensics (RCCF) has established itself as a Centre of
Excellence in Cyber Forensics. RCCF was dedicated to the nation on Aug 23rd, 2008 by the Hon’ble Union Minister of Communications and Information Technology.
Designed and developed the first indigenous suite of products for carrying out cyber forensics investigation. The Centre has generated over Rs. 300 lakhs through commercialization of its products.
More than 1500 Law Enforcement Officers have been trained through various training programmes. The Centre has conducted over forty training progarmmes and generated a revenue of Rs. 85 lakhs.
Technical support in cyber crime analysis of over 400 cases, some of paramount importance,has been provided.
Organizations that use CyberCheck Suite
National Investigation Agency
Army Cyber Security Establishment, New Delhi
Intelligence Bureau, New Delhi
Delhi Police, New Delhi
CBI and CBI Academy, Ghaziabad
GEQDs of Hyderabad and Shimla
CFSL, Hyderabad
FSLs of Chandigarh, Chennai, Thiruvananthapuram and Haryana
DFSL, Gujarat
Cyber Crime Investigation Cell, Thane, Maharashtra
Cyber Cells of Bangalore and Arunachal Pradesh
SCRB, Thiruvananthapuram
National Academy of Taxes, Nagpur
National Police Academy, Hyderabad
Cabinet Secretariat, New Delhi
Kerala IT Mission, Thiruvananthapuram
Hitech Cyber Cell, Thiruvananthapuram
Training on Cyber Forensics
Conducted more than 40 training programmes to leading Law Enforcement Agencies and Judiciary.
Over 1500 Law Enforcement officers have been trained
Technical Support
Nature of Crime Number
Hacking 31
Document Forgery 142
Financial Frauds 59
Software Piracy 10
Pornography 24
Mobile Phone Crime 104
Email Crimes 57
Total 427
Technical Support
Agency Reported Cases Analysis Completed
RAW 1 1
CBI 32 28
Bangalore Police 29 25
CCPS Bangalore 39 36
Chennai Police 7 6
BPCL 1 1
CDAC 1 1
Crime Branch, Kerala 36 29
Vigilance, Kerala 49 41
Kerala Police 232 188
Total 427 356
Technical Support
Agency Submitted Media Recovery Completed
CDAC 74 69
Central Govt Agencies 11 9
Kerala Police 35 31
Others 29 26
Total 149 135
Other Activities
Setup Cyber forensics labs for Department of Income Tax and Department of Revenue Intelligence
Setup Digital Training and Analysis Centre for Kerala Police and Cyber Forensics lab for National Investigation Agency
Currently setting up a state of the art Cyber Forensics lab for Madhya Pradesh Police
Advantages of C-DAC Solutions
• Completely indigenous development
• Self-reliance in technology
• Cost-effective solution
• Developed for Law Enforcement Agencies and Corporate houses
• Total technical support
Apr 17, 2023 Resource Centre for Cyber Forensics 27
Apr 17, 2023 Resource Centre for Cyber Forensics 28
Provide a well tested and certified cyber forensics suite of products (CyberCheck Suite) for acquisition and analysis on portable lab as well as forensic workstation
Cost effective solution
Software for Network Forensics, Live Forensics and Device Forensics
Hardware tools for disk forensics
Introductory and advanced training in cyber forensics
What C-DAC can offer
THANK YOU
Apr 17, 2023 Resource Centre for Cyber Forensics 29
