Explain the concept of Mobile Phone Forensics
Explain digital Forensic Examination Process
3.0 Main Content
3.1 Models and Architectures of Distributed Systems
There are two models and architectures of distributed systems:
• Client-server systems:
  • The most traditional and simple type of distributed system; they involve a multitude of networked computers that interact with a central server for data storage, processing or another common goal.
  • The client requests a resource and the server provides that resource.
  • A server may serve multiple clients at the same time, while a client is in contact with only one server.
  • Both the client and server usually communicate via a computer network, and so they are a part of distributed systems.
  • Cell phone networks are an advanced type of distributed system that share workloads among handsets, switching systems and internet-based devices.
• Peer-to-peer networks:
  • Workloads are distributed among hundreds or thousands of computers all running the same software.
  • Peer-to-peer systems contain nodes that are equal participants in data sharing.
  • All the tasks are equally divided between all the nodes.
  • The nodes interact with each other as required as they share resources.
  • This is done with the help of a network.
The most common forms of distributed systems in the enterprise today are those that operate over the web. They hand off workloads to dozens of cloud-based virtual server instances that are created as needed, then terminated when the task is complete.
3.2 Characteristics of a Distributed system
• Scalability: The ability to grow as the size of the workload increases is an essential feature of distributed systems, accomplished by adding additional processing units or nodes to the network as needed.
• Concurrency: Distributed system components run simultaneously. They’re also characterized by the lack of a “global clock,” so tasks occur out of sequence and at different rates.
• Availability/fault tolerance: If one node fails, the remaining nodes can continue to operate without disrupting the overall computation.
• Transparency: An external programmer or end user sees a distributed system as a single computational unit rather than as its underlying parts, allowing users to interact with a single logical device rather than being concerned with the system’s architecture.
• Heterogeneity: In most distributed systems, the nodes and components are often asynchronous, with different hardware, middleware, software and operating systems. This allows the distributed systems to be extended with the addition of new components.
• Replication: Distributed systems enable shared information and messaging, ensuring consistency between redundant resources, such as software or hardware components, improving fault tolerance, reliability and accessibility.
3.3 Distributed Tracing
Distributed tracing is a method for monitoring applications, typically those built on a micro-services architecture, which are commonly deployed on distributed systems. Distributed tracing is essentially a form of distributed computing in that it is commonly used to monitor the operations of applications running on distributed systems. In software development and operations, tracing is used to follow the course of a transaction as it travels through an application.
• For example, an Online Credit Card Transaction as it winds its way from a customer’s initial purchase to the verification and approval process to the completion of the transaction
For instance, a tracing system monitors this process step by step, helping a developer to uncover bugs, bottlenecks, latency or other problems with the application. A distributed tracing system is designed to operate on a distributed services infrastructure, where it can track multiple applications and processes simultaneously across numerous concurrent nodes and computing environments. Without distributed tracing, an application built on a micro-services architecture and running on a system as large and complex as a globally distributed system environment would be impossible to monitor effectively.
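The credit card transaction described above, as an added example that is not part of the original course text: it rebuilds the step-by-step path of one transaction from span records that arrive out of order, and finds the bottleneck. The record layout, service names and durations are constructed for illustration, and child calls are assumed to run one after another.

```python
# Constructed span records, as they might arrive at a collector from different nodes.
# With no global clock, arrival order cannot be trusted to order the steps;
# the parent links carried with each span can.
SPANS = [
    {"trace": "t1", "id": "c", "parent": "b", "service": "fraud-check", "ms": 420},
    {"trace": "t1", "id": "a", "parent": None, "service": "checkout", "ms": 610},
    {"trace": "t2", "id": "x", "parent": None, "service": "checkout", "ms": 35},
    {"trace": "t1", "id": "d", "parent": "b", "service": "card-network", "ms": 90},
    {"trace": "t1", "id": "b", "parent": "a", "service": "payment-verify", "ms": 560},
]

def call_path(spans, trace_id):
    """Return [(depth, service, ms)] for one transaction, parents before children."""
    children = {}
    for s in spans:
        if s["trace"] == trace_id:
            children.setdefault(s["parent"], []).append(s)
    out = []

    def walk(parent, depth):
        for s in sorted(children.get(parent, []), key=lambda s: s["id"]):
            out.append((depth, s["service"], s["ms"]))
            walk(s["id"], depth + 1)

    walk(None, 0)
    return out

def self_time(spans, trace_id):
    """Time spent inside each service: its duration minus its direct children's."""
    mine = {s["id"]: s for s in spans if s["trace"] == trace_id}
    own = {s["service"]: s["ms"] for s in mine.values()}
    for s in mine.values():
        if s["parent"] in mine:
            own[mine[s["parent"]]["service"]] -= s["ms"]
    return own

def bottleneck(spans, trace_id):
    """Service with the largest self time in the given transaction."""
    own = self_time(spans, trace_id)
    return max(own, key=own.get)

if __name__ == "__main__":
    for depth, service, ms in call_path(SPANS, "t1"):
        print("  " * depth + f"{service} ({ms} ms)")
    print("bottleneck:", bottleneck(SPANS, "t1"))
```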
4.0 Self-Assessment Exercises
1. Explain email forensics
Email forensics is the analysis of the source and content of the email message, identification of sender and receiver, date and time of email and the analysis of all the entities involved. Email forensics also refers to the forensics of client or server systems suspected in an email forgery.
2. What is the purpose of email header analysis
Email header analysis helps in identifying most email-related crimes, such as spear phishing, spamming and email spoofing. Spoofing is a technique by which one can pretend to be someone else, so that a normal user would think for a moment that the message is from a friend or some person they already know.
3. List the common techniques used in email forensic investigation
• Header Analysis
• Server investigation
• Network Device Investigation
• Sender Mailer Fingerprints
• Software Embedded Identifiers
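A sketch of the header analysis technique listed above, as an added example that is not part of the original course text: it parses a message with Python's standard `email` module, reads the relay path from the Received headers, and flags sender-identity mismatches typical of spoofing. The sample message, hosts, addresses and finding labels are all constructed.

```python
from email import message_from_string
from email.utils import parseaddr
# Constructed sample message, not real evidence; every host and address is made up.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
\tby inbox.recipient.example with ESMTP id A1; Tue, 02 Jan 2024 10:00:05 +0000
Received: from mailer.example.net (unknown [198.51.100.7])
\tby mx.recipient.example with ESMTP id B2; Tue, 02 Jan 2024 10:00:03 +0000
Authentication-Results: mx.recipient.example; spf=fail; dkim=none
From: "Your Friend" <friend@bank.example>
Reply-To: <helpdesk@mailer.example.net>
To: <user@recipient.example>
Subject: Urgent
Date: Tue, 02 Jan 2024 10:00:00 +0000

Please reply.
"""

def domain(header_value):
    """Lowercase domain of the address in a header value, or '' if absent."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def received_path(msg):
    """Each relay prepends its Received header, so reverse to read origin first.
    Hops below the first server you trust can be forged by the sender."""
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        words = value.split()
        frm = words[words.index("from") + 1] if "from" in words else "?"
        by = words[words.index("by") + 1] if "by" in words else "?"
        hops.append((frm, by))
    return hops

def spoofing_indicators(raw):
    """Return (findings, hops). Findings are leads to verify, not proof of forgery."""
    msg = message_from_string(raw)
    findings = []
    from_dom = domain(msg["From"])
    if domain(msg["Return-Path"]) != from_dom:
        findings.append("return-path-mismatch")
    if msg["Reply-To"] and domain(msg["Reply-To"]) != from_dom:
        findings.append("reply-to-mismatch")
    auth = (msg["Authentication-Results"] or "").lower()
    if "spf=fail" in auth:
        findings.append("spf-fail")
    if "dkim=pass" not in auth:
        findings.append("no-dkim-pass")
    return findings, received_path(msg)
```

Legitimate bulk-mail services also produce a Return-Path that differs from the From domain, so each finding should be corroborated with server logs before it is treated as evidence.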
5.0 Conclusion
Email evidence often plays a pivotal role in digital forensics investigations and eDiscovery.
When preserving emails from the cloud, forensics experts have to consider issues such as multi-factor authentication, running-in-place searches on the server before the acquisition, handling server errors and throttling, privacy issues, and time constraints.
6.0 Summary
In this unit, we have been able to outline email forensics, email header analysis, mobile forensics and mobile device forensics examination process.