The Center of Excellence in Cyber Forensic Lab (CoE-CFL) is established to serve as a think-tank for policy formulation, legislative inputs and techno-judicial interpretations on the emerging theory and practice of Internet Law and cyber forensic paradigms. The Centre as part of NALSAR University of law aims to advance advocacy issues relating to the civil and criminal legislations in India and also its interface with the International regulatory framework of Internet Governance. The Centre located in the premier Legal Research University has the requisite intellectual input in terms of faculty, research scholars and a vibrant student community tracking the evolving Internet governance and processes along with techno-legal framework.
NALSAR University has been in the forefront of legislative drafting, impact analysis and capacity building of various legal streams like Intellectual Property Rights, Disability Jurisprudence, SAARC Law integration, Land rights issues and similar emergent public policy frameworks. Center of Excellence in Cyber Forensic Lab (CoE-CFL) is in alignment to contribute to the fast emerging complex regime of Internet which impacts various socio-economic and political spheres of citizens.
Principle Objectives of the Centre
- To strive as a think tank for policy formulation, analysis of the emergent issues of Internet related laws
- To carry out legislative drafting/ analysis of Internet related legal instruments
- To serve as a nodal center for analyzing International Instruments and policies on global internet governance.
- To undertake time bound impact studies of Internet related initiatives with special focus on the interface of constitutional and economic laws.
- To formulate sensitization and capacity building training programme for legal fraternity, Government officials , technical communities and civil society groups.
- To document case laws emerging on the internet jurisprudence and to provide critical analysis of its impact on various stakeholders of Internet Governance.
- To develop cyber forensic evidence sharing support cell where the interface of cyber forensics evidence and its admissibility in court is to be analyzed.
- To conduct cyber security trainings and awareness programs to the different stakeholders of the system.
Technical Objectives of the Centre
- Consolidating digital forensic resources throughout the nation by establishing a Centre of Excellence for Cyber security and National Digital Forensics Laboratory. This includes non-core forensic services such as data recovery and media sanitization.
- Standardizing the digital investigation framework for all relevant agencies through close cooperation in research and cooperation between inter-agencies and legal practitioners by providing unified Standard Operating Procedure, work manuals in conducting digital forensic work, validation methods, control of records and document control, etc.
- Providing comprehensive, secure and structured forensic infrastructure and facilities under one roof, unique for each agency according to their operational functions. This includes the provision of the facilities such as hardware and software i.e. forensic toolkits, workstations, and forensic software.
- To ensure that the Digital Forensic Laboratory is to become a fully Accredited Digital Forensic Laboratory which will adhere to the quality requirement (ISO 17025: 2017) incorporating comprehensive Case and Evidence Inventory Management System.
Thematic focus of the Centre
This new Centre is building upon NALSAR’s decade long experience in teaching, research and advocacy by its short term courses and Internet governance projects to focus in particular on the following thematic areas:
- Digital Economy- To focus on the enabling legislative framework to move towards digital economy identifying the prospects and problems in such transition.
- Cyber Security – To work on short and long term projects on the requisite legislative framework for securing Internet operations on the criminal law jurisprudence.
- E-learning framework- To research and provide inputs for legislative initiatives for e-learning transition at various levels of formal and informal educational streams.
- Social Media Governance– To work on a framework for augmenting Internet led social media practice and accountability aspects.
- Cyber Forensic Service’s – To extend Techno-Legal advisory services to different stakeholders of society by constituting Techno-Legal Support group and rendering services by establishing state-of-art Cyber forensic lab.
Operational focus of the Centre
- Advance Diploma/ Post Graduate / Doctoral/ Post-Doctoral Courses
- Training stake holders from Industry/ Judiciary/ Government
- Short term courses – Summer & Winter Schools
- Fundamental Research – Interface of Technology & Management/ Economics/ Law
- Applied Research – Sponsored by National /International Agencies
- Publications – Electronic and print / websites
- Counseling – Industry & Trade Associations / Government
- Consultancy and advice on IPR / Data Protection – Online & Offline
- Consultancy on International Laws & Country Specific Laws
- Re-Statement of Laws –for Legislative design/ policy Formulation/ fiscal and Monetary restructuring
- Treaty Drafting / Negotiations skills for Government and Industry.
- Design of legally acceptance Digital evidence framework.
- Bridging gaps between various stakeholders in the society including judiciary with special emphasis on cyber forensic technological advancements.
- Rendering cyber forensic services to the stakeholders of the society with legally determined procedures.
- Collaborating with cyber forensic industry and guiding them on their design structures of cyber forensic related platform’s for great interoperability between different judicial systems in the world.
Human Resources of the Centre
- The Centre as part of the NALSAR University has one (1) Professor, two (2) Assistant Professors and four (4) Research Associates with vast interdisciplinary skills to contribute to meet the objectives and operations of the Centre.
- The University has been running courses on Cyber Laws in regular and outreach modes for the last 15 years and has built a credible network among legal fraternity, technologists and International forums.
- NALSAR University has also been offering techno-legal courses such as
- Cyber Laws, Crimes and Technology.
- Digital Evidence Retrievals and Analysis systems (DERAS).
- Patent Analysis and Visualization Systems (PATINFORMTICS).
- ODR: Intersection of Dispute Resolution and Technology.
- Personhood and Technology.
- Senior faculty members have served in International organizations connected with Internet Governance and have conducted International and National conferences on Internet and law.
- Senior faculty has represented Government of India (GOI) in different international organization’s on Internet Advocacy, Cyber Security , ICANN , IPR Summits Etc.
Infrastructure of the Centre
- The University has dedicated spaces of high bandwidth of 1 GPBS and a state of the art of conference/seminar halls in place.
- There is a dedicated IT department and Audio-Visual recording teams for recording and documenting research outcomes and events.
- University campus is completely WIFI enabled.
- Remote Accessibility of University subscribed E-resources such as JSTOR; Hein online, Manupatra etc. is available for the student’s using University VPN services.
- The University has a state-of the art library with contemporary e-journals, books and reports on the subject.
- All the University class rooms are upgraded into digital classrooms where broadcasting and unicasting is well established.
- The University is an active partner in several IT initiatives in the State of Telangana and member of the T Hub initiative of the Information Technology Minister of the State.
FUNCTIONS & ROLES
The Cyber Forensic Lab(CFL) overall function is to identify, seize, acquire and analyze all electronic devices related to all cyber-enabled offences reported so as to collect digital evidence which is presented in a court of law for prosecution purposes. The CFL is divided into the following sub unit each outlining specific the roles and responsibilities of the Cyber Forensics Analysts.
CFL Analysts performs the analysis of computer hard drives (workstations, servers, laptops etc.). With an aim of looking for everything from ex-filtration of data,retrieving data that is deleted or otherwise destroyed by a user. Recovery of evidence from computer storage media.
MOBILE DEVICE FORENSICS
Deals with forensic analysis of smartphones, tablets and other portable devices, retrieval of deleted text messages, call logs, documents, mobile browser history, etc. Retrieval of data from GPS units, phone system, iPod, mp3 players, USB sticks and flash drives, SD cards, etc.
Malware analysis sub unit deals with the study of how malware functions and about the possible outcomes of infection of a given specific malware. Finding any suspicious malware activity in a network, Identify the source and type of malware and to know what would be the impact it might have in an organization/environment affected. Perform an intense malware analysis to comprehend the indicators and signs of compromise of a system when a need arises.
COMPUTER INCIDENTS RESPONSE TEAM (CIRT)
DFL CIRT is a team that responds to Cyber security incidents when they occur. Key responsibilities of a CIRT include: Investigating and analyzing security breaches and intrusion incidents, Managing internal communications and updates during or immediately after incidents, Mitigating incidents, Recommending technology, policy and training changes after cyber security incidents Responding to attacks that employs brute force methods to compromise, degrade, or destroy systems, networks, or services.
Deals with E-mail and Social media investigations; Tracking email and/or authenticating that messages are not tampered with or forged, recovering deleted messages from servers, laptops, desktops, Websites etc. Deals with Database Forensics and eDiscovery; Examination and recovery of data from mainframe and networked database systems.
RESEARCH, TRAINING & DEVELOPMENT
Identify and coordinate research on emerging issues within the digital forensics field. Identify and assessing training needs within the unit. Coordinating internal and external training programs.
- Forensic examination of computer and mobile phones
- Maintenance of lab processes of acquisition, archival and analysis
- Maintenance of inventories of digital evidence as per standards/ ISO
- Analysis of deleted and active files
- Location and analysis of data in ambient data sources
- Recovery of deleted or encrypted data/emails, SMS, MMS, videos, internet sites
- Uncovering passwords
- Forensic sim card analysis
- Extraction of data from mobile phones
- Presentation of expert forensic evidence in court