Delhi Police Women's Training

SysTools Prepares Delhi Police Women Officers on Digital Forensics

Cybercrime training and awareness is a major part of the police training program. Mr. Anuraag Kumar Singh, CEO and Co-Founder, SysTools, along with his Digital Forensic Examination & Research team, conducted a 3-day’s Digital Forensic Training (29th November to 1st December)

Training Program Synopsis

250 women officers were part of this 3-day’s program hosted by the DCP Mrs. Suman Nalwa, Principal DPTS Dwarka, and ACP Mr. Jai Kishan Bhargav. Amongst the primary attendees of the program were the lab officials and assistants along with the lecturers.

Hours of rigorous training sessions are conducted for women officers at the Delhi Police Training School in Dwarka Sector 9. A part of these training sessions is the cybercrime training program, a detailed introduction to which was recently imparted by SysTools Digital Forensic Team.

Aim of the Session: Theoretical and practical awareness about cybercrime and best practices in digital forensics was presented to women officers at the Delhi Police Training School in Dwarka. Besides, physical training, police procedures, criminology, cybercrime training is extended as an important part of the program since the rising adoption of technology by victims as well as culprits.

Day 1: Theoretical Awareness to Cybercrime and Digital Forensics

The Delhi police women's training program kicked off with a theoretical awareness session on Day 1 conducted by Mr. Anuraag Kr. Singh, CEO and Co-Founder, SysTools, on cybercrime and DF (Digital Forensics). The session was held collectively for all the 250 officers enrolled into the program.

Agenda of Delhi Police Women's Training Program

  1. Introduction to Digital Forensics: Digital Forensics and its basics explained via graphical representation. Significance of digital forensics in law enforcements communicated owing to global rise in digitization.
  2. Common Investigative Devices: Standard understanding of detecting devices at the scene of investigation used for creating / sharing / exchanging the data meant for investigation.
  3. Capture the Right Storages: Tips to determine artifact-rich storage devices at scene of investigation. Understanding and relating the links of devices found with the reported case for accuracy in evidence capturing.
  4. Image Artifacts for Evidence: Artifact retention explained via imaging process for conducting examination. Prevention of evidence spoliation explained via replication before investigation.
  5. Challenges of Digital Forensics: Factual challenges of conducting device capturing, data imaging, and investigation discussed. Tips shared on overcoming the challenges to proceed to investigation.
  6. Commencement of Investigation: Commencement of investigative procedure on captured media or storage. Starting to work on an investigation with the setup environment and imaged artifacts.
  7. Windows Analysis on Focus: Artifact finding and analysis techniques and understanding data types was discussed particularly considering Windows being an extremely commonly used Operating System.
  8. Mobile Forensic Investigation: Mobile forensic analysis, a major part of the training detailed about types, common applications, storage areas, data types, and analysis technology for mobile phones.
  9. Performing Email Forensics: Another chief target of the session was email forensics considering the major role emails play for communication purposes making it an essential element of investigation.
  10. Role of MailXaminer Software: MailXaminer, the proprietary email examination application of SysTools, was demonstrated for email and disk image forensic considering the significance of both data types.

Day 2 and 3: Practical Introduction to Digital Forensics Implementation

The next two days of training were planned for 3 practical training sessions conducted for 4 different batches of 50 officers each. The training included detailed discussion on the procedures of digital forensics along with their practical demonstration.

Lab assistants and lecturers of the respective discipline were also amongst the attendees of Delhi Police Women's training program. Therefore, the session was conducted smoothly with no technical glitch or communication gap occurring with the officers.

1. Hard Drive Imaging Process: First practical training session was based on hard disk drive imaging. Computer investigation revolves around hard drive examination primarily, for it being the principal storage system of a machine.

  • Understanding and types of varied hard drives available, explained.
  • Acquisition of internal and external disks with imaging explained.
  • Disk imaging taught & demonstrated via Tableau Forensic Imager [TD3].
  • Features of Tableau Forensic Imager (TD3) were illustrated with example.

2. Mobile Forensics via UFED: The second session focused on forensically examining mobile device and its storage owing to the rapid transition of users from computers to mobiles for just about anything and everything.

  • Increase in dependency on mobiles phones over computers discussed.
  • Precautions stated for handling mobile phones during examination.
  • Acquisition challenges and overcoming explained via Cellebrite UFED.
  • Cellebrite UFED usage explained and demonstrated with practical.

3. Emails Analysis & MailXaminer: Third session was all about emails and their involvement in cyber forensics owing to their major role in corporate and personal communication leading to a major cybercrime cases involving emails.

  • Understanding email travel path & procedure from sender to recipient.
  • Major email services, Desktop and Webmail, explained with example.
  • Difference and significance of email header and body contents detailed.
  • Stated parts of email message important from investigative standpoint.
  • MailXaminer, flagship & proprietary email forensic toolkit demonstrated.

Wrapping Up

Awareness of digital forensics is just as important as it is to learn legal procedures to join the police forces. Recently, about 250 women officers hailing from different states and cultures of India attended the 3-day’s Digital Forensic Training program conducted by SysTools at the Delhi Police Training School, Dwarka. Motto of the training session (successfully achieved) was to ensure understanding and share practical demonstration on the top three areas receiving highest ratio of cybercrime activity, computer, mobile, and emails.
Use of MailXaminer software and Cellebrite UFED and Tableau Forensic Imager [TD3] was demonstrated to meet different investigative needs and achieve accurate results, faster. Increasing rate of cyber dependency has led to the rise in rate of cybercrime reciprocally. Thus, best practices of handling cybercrime cases, artifacts in custody, conducting evidence search and preservation, both with and without products has become mandatory.