What is Digital Forensics?

    Digital forensics, or digital forensic science, is a branch of forensic science focused on the recovery and investigation of material found in digital devices and related to cybercrimes. Rapid technological development has given rise to cybercrimes. More often than not, criminals use technology in planning and committing other kinds of crime. Computers, smartphones, flash drives, and cloud data storage are among the many types of devices that keep digital evidence. The main applications of forensics are the analysis and investigation of events in which computer information is the object of an attack or a computer is the tool used to commit a crime, and the collection, storage, and protection of any digital evidence.

Digital forensics investigations commonly consist of four stages:

  • Seizure: Prior to actual examination, digital media is seized. In criminal cases, this will be performed by law enforcement personnel to preserve the chain of custody.
  • Acquisition: Once exhibits are seized, a forensic duplicate of the data is created using a hard drive duplicator or software imaging tool. The original drive is then returned to secure storage to prevent tampering.
  • Analysis: After acquisition, files are analyzed to identify evidence to support or contradict a hypothesis. The forensic analyst usually recovers evidence material using a number of methods (and tools), often beginning with the recovery of deleted information. The type of data analyzed varies but will generally include email, chat logs, images, internet history and documents. The data can be recovered from accessible disk space, deleted space or from the operating system cache.
  • Reporting: Once the investigation is complete, the information is collated into a report that is accessible to non-technical individuals. It may include audit information or other meta-documentation.

    In the 1980s, very few digital forensic tools existed, forcing forensic investigators to perform live analysis, using existing sysadmin tools to extract evidence. This carried the risk of modifying data on the disk, which led to claims of evidence tampering. Today, there are single-purpose open-source tools like Wireshark, a packet sniffer, and HashKeeper, a tool to speed up examination of database files. There are also commercial platforms with multiple functions and reporting capabilities like EnCase or CAINE, an entire Linux distribution designed for forensics programs.

    Digital forensics experts use forensic tools to collect evidence against criminals, and criminals use the same tools to conceal, modify, or remove traces of their criminal activity. This is known as anti-forensics and is considered one of the key issues digital forensics faces. This branch of forensic science also deals with certain legal, technical, and resource challenges. Here are the major challenges digital forensics faces:
  • The increase in PCs and the extensive use of internet access.
  • Easy availability of hacking tools.
  • Lack of physical evidence makes prosecution difficult.
  • Storage capacities that now run into terabytes make the investigation job difficult.
  • Any technological change requires an upgrade or changes to solutions.

    Digital forensic tools are highly accurate and helpful to investigating officers who try to find the culprits behind digital crimes or attacks. They are also used in cases such as theft of intellectual property, industrial damage, employment issues regarding job security, and fraud investigations.

