As the Internet continues to evolve, new layers populate where offenders commit criminal offenses. One such area is the Darknet. Participants will learn about the Darknet, how potential criminal activity is facilitated on the Darknet, and why this knowledge is crucial to investigating and prosecuting child exploitation cases. Additionally, participants will learn how to access other locations on the Darknet.
A child abuse pediatrician will present an overview of the medical evaluation for suspected sexual abuse. The presenter will outline examples of the different roles between physician and nurse providers stressing the necessity of specialized training regardless of degree and the importance of participating in ongoing education and case review for quality assurance. The presenter will also discuss salient features of how the exam is performed, how to interpret findings, and when/how the collection of DNA/laboratory specimens are collected.
This course provides students with the fundamental knowledge and skills they need to investigate crimes involving virtual currency. Instructors explain foundational concepts like the characteristics of money, virtual currency, and cryptocurrency. Blockchain technology, proof work, and proof of stake are covered, and students learn how industry-leading cryptocurrencies (Bitcoin, Ethereum, and Monero) work and how they differ from each other. Finally, students learn investigative techniques for tracking and documenting transactions and best practices for seizing and securing cryptocurrency.
This course provides the advanced skills and knowledge necessary to analyze data on iOS devices (iPod Touch, iPhone, and iPad) and Android devices at an advanced level. Students use forensically sound tools and techniques to analyze potential evidence, employing advanced techniques to uncover evidence potentially missed or misrepresented by commercial forensic tools. Topics include identifying potential threats to data stored on devices, using available acquisition options, accessing locked devices, and understanding the default folder structure. Core skills include analyzing artifacts such as device information, call history, voicemail, messages, web browser history, contacts, and photos. Instruction is provided on developing the "hunt" methodology for analyzing third-party applications not supported by commercial forensic tools.
This course provides expert guidance in the skills law enforcement officers need to conduct successful online investigations. Topics include IP addresses and domains, an overview of currently popular social media platforms, best practices for building an undercover profile, foundational knowledge related to the dark web, and the use of the dark web as an investigative tool. Instructors demonstrate both open source and commercially available investigative tools for social engineering, information gathering, and artifacts related to social media, as well as automated utilities to capture information and crawl websites.
This course provides the fundamental knowledge and skills required to preview and acquire images from Windows-based and macOS-based computers, mobile devices, and removable storage media in a forensically sound manner.
Presentations and hands-on practical exercises cover the following topics:
- Storage media and how data is stored;
- Firmware interfaces (BIOS, UEFI);
- The previewing process;
- Live and dead-box previewing;
- The forensic acquisition process;
- Tool validation;
- Hardware and software write blockers;
- Forensic image formats; and
- Multiple forensic acquisition methods.
Students will use free and commercial third-party tools that are currently used by practitioners in the field.
This course provides hands-on investigative training at a basic level. Students develop the practical skills, insight, and knowledge necessary to manage a successful financial investigation from start to finish, including the acquisition and examination of financial records, interview skills, and case management and organization. Additional topics include forgery and embezzlement, financial exploitation of the elderly, working with spreadsheets, financial profiling, and state-specific statutes and legal issues.
This course provides an overview of the actions investigators can take at the outset of a financial crime investigation. Students learn to ask critical questions, gather documentation, and analyze information for leads. Topics include obtaining and working with financial records, red flags in financial cases, money laundering, investigative strategies for different types of financial crimes, and commingled funds.
This course teaches students to identify and collect volatile data, acquire forensically sound images of Apple Macintosh computers, and perform forensic analysis of macOS operating system and application artifacts. Students gain hands-on experience scripting and using automated tools to conduct a simulated live triage, and use multiple methods to acquire forensically sound images of Apple Macintosh computers. Topics include how the macOS default file system stores data, what happens when files are sent to the macOS Trash, where operating system and application artifacts are stored, and how they can be analyzed. Forensic artifacts covered include password recovery, recently opened files and applications, encryption handling, Mail, Safari, Messages, FaceTime, Photos, Chrome, and Firefox.
This course addresses the critical need for well-trained intelligence analysts to interpret growing amounts of information. Topics include the intelligence cycle, analytical thinking skills, the importance of strategic analysis, communication and social media analysis, recommendation development, and legal and ethical issues. Students work hands-on with specialized software to synthesize information and develop various products of intelligence. The course was developed by a consortium that included the National White Collar Crime Center, Law Enforcement Intelligence Unit, the International Association of Law Enforcement Intelligence Analysis, and the Regional Information Sharing System.