Training topics

This page gives a short summary of our offered trainings. On request, trainings can be customized / extended according to your knowledge and requirements. Most trainings are performed in our training room in Dresden and can be located at your department on demand.

Basics in forensics for Bitcoin

The virtual (decentralised crypto-) currency Bitcoin available online since 2009, is the most commonly used realisation of a virtual currency. An important feature of virtual currencies is the use of the blockchain as a decentralised, public ledger of all ever committed and accepted transactions of all users. Different to `normal' bank transaction, transactions in the Bitcoin network are realised using pseudonyms (Bitcoin addresses) and no subject field is available.

This training gives an introduction to basics of virtual currencies: function, stored and exchanged information as well as different types of virtual currencies. Participants will learn to use Bitcoins with standard wallet software and to do their own experiments (e.g., transactions with other participants). Possibilities to search and trace single or related Bitcoin addresses as well as transactions will be presented. Possibilities and challenges in using search tools available in the Internet as well as tools developed by dence will be discussed. Practical exercises help to strengthen discussed technology and methods.

Content

  • Overview of virtual currencies
  • Introduction to Bitcoin technology (function, P2P-network, blockchain)
  • Practical introduction using Bitcoin wallets (e.g., create addresses / receive and send Bitcoins to other training participants)
  • Detailed view on Bitcoin addresses and transactions (Search tools available online / developed by dence)
  • Forensics analysis of bitcoin addresses / transactions (relations between addresses used by the same user / organisation)
  • Overview Bitcoin wallet software artifacts (stored content, encryption, seizure)
  • Possibilities to obfuscate related transactions

Duration and Requirements

  • 1-day training
  • Training targets practitioners working in law enforcement or in the financial industry. The participants require practical experience in the use of standard IT software. The training gives a basic introduction in forensics for Bitcoins and made for beginner to intermediate analysts.

Basics in digital image forensics

Digital images are captured and used everyday. Often images are used as evidence for factual claims, for example in court, at the police, in the news, in business or in science. Whenever the authenticity of an image comes into question, methods to check the originality and source of an image are necessary.

Digital image forensics provides different analysis methods to check the authenticity of digital images. The basis are micro traces introduced during image acquisition in the employed device or micro traces introduced or altered by image post processing. Participants of this training will receive an introduction to digital image forensics and important methods for the forensics analysis of image files. Practical exercises help to strengthen discussed technology and methods.

Content

  • Introduction (relation to digital forensics, technical basics of signal- and image processing / image forensics)
  • Overview software for image processing and basics in image manipulation
  • Basics about image file formats and forensic analysis of structure / metadata
  • Determine the origin using device-dependent characteristics
  • Image manipulation detection

Duration and Requirements

  • 1.5-day training
  • Training targets practitioners worried about the authenticity and originality of digital images. The participants require practical experience in the use of standard IT software. Basic knowledge about image processing would be an advantage.

Advanced topics

Basic trainings can not cover all relevant topics in full detail and we provide tailored trainings on request. Examples of topics we covered in past in advanced trainings are:

  • Structure and organisation of selected file formats (eg. JPEG / PNG / MP4 container formats)
  • Application of filtering / Fourier transformation in digital image processing
  • Forensic analysis of digital audio recordings
  • Analysis of ENF artefacts in digital audio recordings
  • Forensic analysis of digital video
  • GSM communication protocols / signal analysis with USRP or low-budget RF receiver hardware
  • Detailed view on the blockchain structure
  • P2P network communication