K-Tech Centre of Excellence in Cyber Security (CySecK)

Digital Defenders CTF 2023 Masterclass Webinar-5

Samgacchadhwam Series Webinar #61

Topic: Forensics - Part 1
Speaker: Mr. Abhiram Kumar, Associate - Cyber Risk, Kroll Corporation, Delhi NCR
Date: Tuesday, 20th June 2023
Time: 3:30 - 5:00 p.m.

During the first part of this webinar, we will introduce the concept of Digital Forensics and Incident Response (DFIR), discussing its definition and providing an overview of its importance and applications. We will highlight the core skills required for a successful DFIR analyst. Furthermore, we will explore different fields and specializations within DFIR, including Digital Forensics, Network Forensics, Malware Analysis, Incident Response, Memory Forensics, Mobile Device Forensics, Forensic Data Analysis, and Cloud Forensics. You will gain insights into each specialization and understand their roles in investigating cyber incidents.

In the second part of the webinar, we will focus on file structure. We will explain the fundamental components of a file, including metadata, data content, and file header/footer. You will learn about magic numbers, which are signatures used to identify file types, and discover important file chunks such as headers, footers, and other identifiable sections. We will then delve into specific file formats, such as Portable Network Graphics (PNG), Joint Photographic Experts Group (JPEG), and PKZIP. You will gain an understanding of their structures, including headers, chunks, and data, as well as validation mechanisms like Cyclic Redundancy Check (CRC) used for data integrity.

In the final part of the webinar, we will introduce network forensics. We will define network forensics and emphasize its importance in investigating security incidents. You will learn about the network forensic investigation process, including the steps involved in collecting and analyzing network traffic and logs to uncover evidence of cyber incidents.

By the end of this webinar, you will have a solid understanding of the fundamentals of DFIR, various fields of specialization within DFIR, file structure concepts, and the basics of network forensics. This knowledge will lay a strong foundation for your journey into the world of digital forensics and incident response. Don't miss this opportunity to expand your knowledge in DFIR.

To attend the webinar, please use the link given below:

Assessment Link: Assessment Closed.

Webinar Registration:

This webinar is open to both the Digital Defenders Capture the Flag (CTF) 2023 registrants and to the general public. However, the following guidelines need to be followed:

Category 1: Digital Defenders Capture the Flag (CTF) 2023 Registrants

(a) Registration should have been completed through the Registration Form on the website:  https://cs-coe.iisc.ac.in/ctf2023 on or before 5th June 2023.

(b) To be considered for the CTF, you need to attend/view the recordings of all the eight webinars and participate in all the post-Webinar Assessments that follow.

(c) Only the Top 500 CTF 2023 Registrants with the highest scores in the Assessments that follow each webinar would be eligible to participate in the CTF.

Category 2: Members of the General Public (not registered for Digital Defenders CTF 2023)

(a) Please navigate to the URL: https://cs-coe.iisc.ac.in/portal/auth and register yourself with CySecK by clicking on "Register as User".

(b) Once registered on the CySecK website, please login and click on the "View" button below "Webinars" on your Dashboard page.

(c) Once you are on the "Webinars" page, please click on the title of the webinar which appears under "Webinars open for registrations".

(d) At the bottom of the screen, please click on "Register".

Note:

1) Google Form is used for Assessment and may ask for a Google Account login. Therefore, its preferred that you use a Gmail address.

3) Please use your registered email address with CySecK/CTF 2023 to login to the webinar through Webex and while updating the "Email" field in the Assessment Form.