Rodrigo Rubira Branco (Software Engineer, IBM)
Presentation Title: The Computer Forensics Challenge and Anti-Forensics Techniques
Presentation Details:
The presentation will cover the main areas of interest within the Computer Forensics Challenge:
- Data Recovery (Several Levels)
- Analyzer’s correct methodology: How to differentiate between a Computer Forensics Expert and a tool operator
- Incident Handling and Response using the most accurate tools - How to not damage evidence
It will also cover Anti-Forensics topics:
- The manipulation of forensic analysis through the many methods of subverting the system
- Data Hiding (Encryption, Steganography, FileSystem’s Internals and others): How an attacker can hide data using hacking techniques
- What to trust and what to not trust in evidence collection: hashes, memory dumps, etc.
About Rodrigo
Rodrigo Rubira Branco (BSDaemon) is a Software Engineer at IBM and a member of the Advanced Linux Response Team (ALRT), part of the IBM Linux Technology Center (IBM/LTC) Brazil. He also works in the IBM Toolchain (Debugging) Team for the PowerPC Architecture. He is the maintainer of the StMichael/StJude projects (www.sf.net/projects/stjude), the developer of SCMorphism (www.kernelhacking.com/rodrigo), and has given talks at the most important security-related events in Brazil (H2HC, SSI, CNASI). Rodrigo is also a member of Rise Research (www.risesecurity.org).
** Presenting with Domingo Montanaro