6431 Unique Visitors
12199 Page-views
1.Computer & Cyber forensic basics
Digital forensics was defined as follows by Reith et al. (2002):
Digital forensics is a relatively new science. Derived as a synonym for computer forensics,
its definition has expanded to include the forensics of all digital technology. Whereas computer forensics is defined as “the collection of techniques and tools used to find evidence in a computer.
Although this definition appears to be a little out of date now, it does contain a few crucial elements. To begin, it states that computer forensics is a group of methodologies and technologies. While those are undoubtedly two significant components, but digital forensics applies to all digital technology, which is crucial because today, important evidence can be found in a variety of places, including flash drives, computers, and the cloud. The practise of collecting, analysing, and reporting on digital evidence in a legally permissible manner is known as computer forensics. It can be employed in the detection and prevention of crime, as well as in any dispute involving digital evidence. Computer forensics is similar to other forensic disciplines in that it follows a similar approach and deals with similar challenges. This statement is notable in that it specifies the duties that must be completed during a forensic investigation: gathering, analysing, and reporting. It also states that computer forensics is analogous to other forensic disciplines, implying that the procedures employed and findings reached during a computer forensic inquiry should be subjected to the same scrutiny as a fingerprint or DNA test analysis. Because the spectrum of digital devices that can be investigated has substantially grown from the classic beige box hidden under a desk to now encompass smartphones, tablets, and wireless routers, digital forensics is employed rather than a term that uses the word ‘computer.’ This device line continues to grow and develop into new areas.Wearable technology and ‘Internet of Things’ gadgets, such as
Wi-Fi weighing scales, personal trackers like FitBits, and Google Glasses, are becoming more prevalent.
The ACPO (Association of Chief Police Officers, now the National Police Chiefs Council) Good Practice Guide for Investigating Computer-Based Evidence ;guides the investigation of computer-based evidence in the United Kingdom.
Digital Evidence (ACPO, 2012). The text is lengthy, but it emphasizes four main
principles:
1. No action made by law enforcement agencies, their employees, or their agents should alter data that may later be used in court.
2. In situations where access to original data is required, the individual must be competent to do so and be able to provide proof demonstrating the relevance and consequences of their activities.
3. A digital evidence audit trail or other record of all processes should be generated and retained. Those processes should be able to be examined by an independent third party and produce the same result.
4. The investigation’s lead investigator is responsible for ensuring that the law and these standards are followed.
While forensic science is defined as “the application of science to law,” the techniques used in digital forensics can be utilised for purposes other than producing court evidence. Techniques for analysing data on hard discs to extract evidence relating to a crime, for example, can be used in corporate investigations to determine how malware got onto a system, whether someone was viewing inappropriate material on work equipment, or whether someone was sharing proprietary company data with another organisation.
Whether digital forensics techniques are employed to maintain the law or to form a conclusion about someone’s activities in a business setting, the outcome of the inquiry has ramifications, and it is therefore critical that the choice made is the correct one based on all available evidence. As a result, regardless of the sort of investigation being conducted, it is prudent to use the forensic science rigour.
A Brief History of Digital Forensics
One of the more recent strands of forensic science to emerge is digital forensic science.
The field’s early development was defined by Yasinsac et al. (2003) as “the child of law enforcement necessity.” Investigators were keen to harness this new source of information after computers were discovered at crime sites. Investigators looked for anyone who could help them bring this hidden type of evidence to light. System administrators of law enforcement systems or other investigators with a previous background in information technology or who were hobbyists were sometimes the only ones who were conversant with computers. Early computer forensic experts sometimes worked without a professional forensic education or training. Even fewer have prior experience in a structured computer forensics context.’
This site is my breathing in, very wonderful pattern and perfect written content.
It is in point of fact a nice and useful piece of information. I?¦m satisfied that you shared this useful information with us. Please keep us up to date like this. Thanks for sharing.