In simple terms, computer or digital forensic evidence analysis is the scientific collection of data, either retrieved from or held by a computer storage device, that can be used against a criminal in a court of law. For the information to be used in court, it must be collected before it is presented; a number of recommendations have therefore been proposed to make sure that the information collected meets the intended integrity.
Information collected digitally from computers or media storage applications is subject to protocols that need to be followed during the process. The order in which digital information is collected largely determines the life expectancy of the information collected (Eoghan, 2004, p. 74). Collection procedures need to change as the field of computing changes. In this regard, the information collected is at times determined by the type of tools and instruments provided by suppliers. Investigative agencies should be keen to ensure that they hire the services of competent suppliers who are up to date with present technology and supply their instruments at an attractive price (Eoghan, 2004, p. 74).
Suppliers and collecting agencies should understand that present technology includes removable storage devices on which information can be stored that cannot be retrieved from the hard disks (Eoghan & Gerasimos, 2008, p. 93). There is also malware that can reside in RAM and cannot be traced on the hard drives, meaning that the instruments and strategies for collecting information should be fashioned in a way that can outdo the tricks of data storage and theft (Eoghan & Gerasimos, 2008, p. 93). From experience, while dealing with computers it is possible to crack the trick that is generated using co...
... middle of paper ...
...any reasonable doubt that the accused is responsible for the crime accused of. One oversight that can occur during the collection of digital evidence is assuming that digital storage devices are intact and cannot lose the collected data; to overcome it, it is important to keep a backup of all collected information about a crime.
References
Carrier, B. D. (2006). Risks of live digital forensic analysis. Communications of the ACM, 49 (2), 56-61.
Eoghan, C. (2004). Digital evidence and computer crime, 2nd Ed. London, UK: Elsevier.
Eoghan, C., & Gerasimos, S. (2008). The impact of full disk encryption on digital forensics. Operating Systems Review, 42 (3), 93-98.
Henry, P. (2009, Sep 12). Best practices in digital evidence collection. Retrieved from http://computer-forensics.sans.org/blog/2009/09/12/best-practices-in-digital-evidence-collection/
Forensics investigations that require the analysis and processing of digital evidence can be influenced both positively and negatively by a number of outside sources. In this paper, we will explore how physical security plays a role in forensics investigation activities. We will start by examining how physical and environmental security might impact the forensics investigation process. Next, we will discuss the role that physical and logical security zones play in supporting effective forensics activities. We will illustrate how centralized and decentralized physical and environmental security affects the forensics professional’s approach toward the investigation. Lastly, we will evaluate some potential areas of risk related to the physical security of our case study organization, Widget Factory, identified in Attachment 1.
Throughout this course many software packages have been discussed as far as their usefulness and application in a computer forensics environment. I have chosen to write about encryption, as well as anti-spyware software. Specifically I will discuss TrueCrypt and Spybot – Search and Destroy.
On 5 October 2009, computer equipment from a network data closet was stolen from BCBST. The items stolen were 57 unencrypted hard drives which contained over 300,000 video recordings and over one million audio recordings. According to Whitman & Mattord (2010), confidentiality, integrity, and availability make up the C.I.A. triangle, which is the basis of the Committee on National Security model for information security, an industrial standard. Confidentiality can be a synonym for encryption but also means that only the people with the correct permission can access the information. One of the major security issues is that the hard drives were not encrypted. The hard drives should be encrypted to prevent people from reading the information on the computer. Software that will encrypt files on a hard drive can be purchased, such as Folder Lock, SensiGuard, Secure IT, and more. There is also open source encryption software, free to use, which could have been used. If the hard drives were not needed, the data should hav...
Crime scenes are known to have many clues left behind. The obvious ones would be the body or bodies, clothing, and sometimes even the murder weapon. While these are great ways to solve a case, there is another kind of evidence: trace evidence. Trace evidence consists of small pieces of evidence that are lying around a crime scene. There are many types of trace evidence; some of them include metal filings, plastic fragments, gunshot residue, glass fragments, feathers, food stains, building materials, lubricants, fingernail scrapings, pollens and spores, cosmetics, chemicals, paper fibers and sawdust, human and animal hairs, plant and vegetable fibers, blood and other body fluids, asphalt or tar, vegetable fats and oils, dusts and other airborne particles, insulation, textile fibers, soot, soils and mineral grains, and explosive residues. Although these are the most commonly found elements, they are not the only ones. The Trace Evidence Unit is known to examine the largest variety of evidence types and use the biggest range of analytical methods of any unit. Materials are compared with standards or known samples to determine whether or not they share any common characteristics. In this paper I will discuss the different kinds of trace evidence and how crime scene investigators use it to solve cases and convict criminals.
The customer requests an evaluation of two popular mobile forensics tools, OFS and UFED. Mobile forensics tools are valuable pieces of software designed to extract information such as contacts, photos, messages, location history, emails, and social media communications from devices such as cell phones. Criminal proceedings, corporate espionage cases, and government espionage cases use this information as evidence. Due to the evidentiary value of the recovered data, it is important to have a tool that maintains device integrity.
Illegal access and modification of data will be discussed in this research paper. David Noel Cecil gained illegal access to Platform Networks, an internet service provider, and stole the username and password of Platform Networks' managing director. In a period of ten days, David Noel Cecil got into the company’s system on multiple occasions, which summed up to forty-eight times (CDPP, 2011). On one of the forty-eight occasions, David Noel Cecil modified the file structure of the computer system, which resulted in the Platform Networks internal system going offline for some time. David Noel Cecil also ran several commands on the company's system, which led to a compromise of the company's system (CDPP, 2011).
Computers are the main technological features that allow criminals to step into unsuspecting victims' lives. With a simple piggy-backing program, hackers are able to track every keystroke made by the victim. One such program is called spyware, not to be confused with adware, which is often referred to interchangeably with spyware but is potentially harmless (Louis 15). Spyware, hidden within downloaded software, implants itself deep within a computer’s hard drive, allowing it to track every move made by the user (Louis 16). Once inside a system, spyware can gather e-mail addresses, passwords, and credit card numbers.
Live acquisition: The future of data acquisitions is shifting toward live acquisitions because of the use of disk encryption with newer operating systems (OSs). In addition to encryption concerns, collecting any data that’s active in a suspect’s computer RAM is becoming more important to digital investigations. The processes and data integrity requirements for static and live acquisitions are the same. The only shortcoming with live acquisitions is not being able to perform repeatable processes, which are critical for collecting digital evidence.
The biggest challenge facing investigators and others involved with high-tech crime is the fast-paced, constantly evolving nature of technology. Companies come out with new devices or new versions of old devices almost all the time, and those who gather digital evidence must remain current to be able to locate and preserve all potential evidence. As technology evolves, the capacities of these devices will rapidly increase while their form factor grows continually smaller. Investigators must also preserve digital evidence to make sure it is suitable for presentation in court. First, investigators must never change a crime scene or alter evidence. It is their goal to document and preserve the scene exactly as it was when the crime occurred. Extreme caution and care are needed because the mere act of documenting or cataloging a crime scene means that investigators are interacting with the scene. The second concern is the physical fragility of the evidence. Care must be taken to keep items from getting wet, stepped on, etc.; this also applies to digital evidence. Investigators have been able to examine hard disk drives that have been through fires because the drives are usually air and water tight and impervious to temperatures into the thousands of degrees. The third issue is that digital evidence can be lo...
In a world that is run by computers, perhaps one of the most frustrating things that can happen to a person is waking up to find out the hard drive on their computer has stopped working, and all of their files inaccessible. In the event of such a failure, many people would view the situation as beyond remedy, and resign themselves to simply dealing with the loss. This however does not need to be the case. Although recovering files from a hard drive is not always possible, there are steps that can be taken to give yourself a chance to recover everything you believe to be lost. This paper will discuss various possible solutions to hard drive failure, and will detail steps that can be taken to secure your data.
amounts of memory being used and the file usage if something is going on that
A write blocker is a device that is installed on the suspect’s hard drive or other media and completely prevents the forensics examiner from writing any data to the hard drive or media. It simply makes writing physically impossible by blocking the wires that could communicate the data to be written to the drive (Knetzger & Muraski, 2008, p. 359). Once the write blocker is installed, the forensic specialist will use a drive-imaging or cloning utility to make an exact duplicate of the original suspect drive. This is called a bit-by-bit copy, because it copies the drive bit by bit (Knetzger & Muraski, 2008, p. 336). Hashing is a mathematical analysis of the data on the drive that generates a unique string of characters based upon the files and structure of the drive. Individual files can also be hashed to check for identical files; the standard hash utilized by most forensic software utilities is called the Message Digest 5
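The imaging-and-hashing workflow described above, as an added Python example that is not part of the original essay: it copies a source stream byte for byte while hashing it, then re-hashes the copy to show that a single flipped bit is detected. The in-memory "drive" is constructed sample data, the function names are this example's own, and SHA-256 is recorded alongside the MD5 the essay names because MD5 is no longer collision resistant.

```python
import hashlib
import io

CHUNK = 64 * 1024  # read size; the digests do not depend on it


def image_with_hashes(src, dst, chunk=CHUNK):
    """Copy src to dst byte for byte; return (size, md5_hex, sha256_hex)."""
    md5, sha256 = hashlib.md5(), hashlib.sha256()
    total = 0
    for block in iter(lambda: src.read(chunk), b""):
        if dst is not None:  # dst=None means "hash only, do not copy"
            dst.write(block)
        md5.update(block)
        sha256.update(block)
        total += len(block)
    return total, md5.hexdigest(), sha256.hexdigest()


def verify_image(image, acquired_md5, acquired_sha256):
    """Re-hash an image; True only if both acquisition hashes still match."""
    _, md5_hex, sha_hex = image_with_hashes(image, None)
    return (md5_hex, sha_hex) == (acquired_md5, acquired_sha256)


def demo():
    # Constructed stand-in for a suspect drive: 1 MiB of patterned bytes.
    source = io.BytesIO(bytes(range(256)) * 4096)
    image = io.BytesIO()
    size, md5_hex, sha_hex = image_with_hashes(source, image)
    image.seek(0)
    intact = verify_image(image, md5_hex, sha_hex)
    # Flip one bit in the copy: verification against the recorded hashes fails.
    tampered = bytearray(image.getvalue())
    tampered[12345] ^= 0x01
    altered = verify_image(io.BytesIO(bytes(tampered)), md5_hex, sha_hex)
    return size, intact, altered


if __name__ == "__main__":
    print(demo())
```

In practice the source would be the raw device opened read-only behind the write blocker, and the recorded digests would go into the chain-of-custody record.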
Forensic science is the application of science to the law. Digital forensics, also known as computer and network forensics, has many definitions. Generally, it is considered the application of science to the identification, collection, examination, and analysis of data while preserving the integrity of the information and maintaining a strict chain of custody for the data, and to analysing and reporting on digital data in a way that is legally admissible. It can be used in the detection and prevention of crime and in any dispute where evidence is stored digitally.
Forensics involves several processes including: investigation, evaluation, forensic intelligence, automated surveillance and forensic identity management [39]. Forensic analysis is performed in order to conclude further evidence to exonerate the innocent and corroborate the identity of the perpetrator through