Digital investigations may be conducted differently by various labs (law enforcement agencies, private firms, enterprise corporations) but each lab performs similar steps when acquiring, processing, analyzing, or reporting on data. This talk will discuss techniques that criminals can use to throw wrenches into each of these steps in order to disrupt an investigation, and how they can even force evidence to be excluded from litigation. Each of these techniques can be detected early by an investigator who is aware of them, and they can be avoided if you know what to look for. Come learn about Anti-Forensic techniques, and the Anti-Anti-Forensic techniques that mitigate them.
Michael Perklin is a Senior Investigator and has performed digital-forensic examinations on over a thousand devices. Michael is a member of the High Technology Crime Investigations Association, a professor of digital forensics at Sheridan College, and is currently writing his thesis paper on anti-forensic techniques. Twitter: @mperklin