Cyber Forensics Essay

1032 Words3 Pages
bulb-icon

Recommended: The importance of handling digital evidence

Introduction
Cyber forensics, also called digital forensics or computer forensics, is a quickly growing field as the world goes digital. This field involves gathering evidence and analysing this evidence from computers, servers and networks in a manner that is suitable to present in a court of law. As the internet grows in popularity, so does criminal activity over the internet. When the law catches a criminal that used a computer to commit a crime, they confiscate the computer and all related storage devices for cyber forensics experts to examine the device to find fraudulent activity.
Investigators usually follow a set of predefined procedures when given a case to work on. First they ensure that the device being examined cannot get contaminated in any way possible. To ensure this, they would create a digital copy of the device's storage media and store the device in question in a secure location to maintain the condition which they received it in. Forensics is then carried out on the image created.
There are several different forensics applications and techniques used to examine the image retrieved from the device being examined to search unallocated disk space for data that could have been encrypted, damaged or deleted and for folders that are hidden. A 'finding report' is created to document any evidence. This evidence is then compared with the original to prepare for any of the following proceedings. The steps taken to examine the device or medium will be discussed in more detail in this essay.
Digital evidence
Stored or transmitted information in binary form that can be relied upon on in court can be defined as digital evidence. This evidence can take many different forms such as a computer hard drive, mobile phones, compact...

... middle of paper ...

...k is copied to another drive. This copy is taken to further ensure that the original data is safe and cannot be altered unknowingly.
(3) The copying process used was thorough.
Once the second step is complete, it is vital that the forensic expert checks the copy of the original matches the original exactly. They can ensure the copy is reliable by checking three characteristics. Firstly, the copying process must meet industry standards. A worthy benchmark is checking if the copying software used is used by other law enforcement agencies. Secondly, the copy must be able to be verified by the opponent in court. Finally the copy that is created should not be able to be manipulated.
(4) All the media used during the investigation was stored and used securely.
After the copies have been verified, the original must be securely stored and preserved.
(Feldman & Kohn, 2008).

Show More
Related

  • Physical And Environmental Security Impact On Forensics Investigations

    1934 Words  | 4 Pages

    Forensics investigations that require the analyzation and processing of digital evidence can be influenced both positively and negatively by a number of outside sources. In this paper, we will explore how physical security plays a role in forensics investigations activities. We will start by examining how physical and environmental security might impact the forensics investigation process. Next, we will discuss the role that physical and logical security zones play in supporting effective forensics activities. We will illustrate how centralized and decentralized physical and environmental security affects the forensics professional’s approach toward the investigation. Lastly, we will evaluate some potential areas of risk related to the physical security of our case study organization, Widget Factory, identified in Attachment 1.

    Read More

  • How Technological Advancements Have Influenced Forensic Investigators

    3293 Words  | 7 Pages

    Technologies are advancing in today's world where more information is being generated, stored and distributed through digital gadgets. This requires investigators and forensic expert to increase the use of digital evidence gathering as a tool to fight against cyber-crime (International competition network, n.d.).

    Read More

  • Trace Evidence

    1592 Words  | 4 Pages

    The last type of evidence I will discuss are documents. Everyone has a different handwriting and different characteristics that make it unique. Computers are also unique in the way they type and print out things. Document examiners can look over these and establish the similarities in the handwriting and computer forensic specialists can extract logs and other data from most devices.

    Read More

  • Forensic Evidence Essay

    1251 Words  | 3 Pages

    In order to understand how to compile evidence for criminal cases, we must understand the most effective types of evidence. This topic is interesting because there are ample amounts of cases where defendants have gotten off because of the lack of forensic evidence. If we believe forensic evidence is so important and it affects our decisions, then maybe we need to be educated on the reality of forensic evidence. If we can be educated, then we may have a more successful justice system. If we have a more successful justice system than the public could gain more confidence that justice will be served. In order to do this, we must find what type of evidence is most effective, this can be done by examining different types of evidence.

    Read More

  • Blood Evidence

    1073 Words  | 3 Pages

    The evidence collected from the scene should be properly packaged, labeled and sealed before it is delivered to the laboratory for testing. Proper labeling is essential for laboratory applications as well as for court usage. All the items to be submitted to the laboratory should have the name or the names of the suspects or victims, a brief description of the contents of the package, the location the item was collected, the investigator's name and the date and time the items were collected. It is also imperative to place different items in different packages to avoid cross contamination. The packaging containers should be properly selected according to the items to be packaged. Sealing the outer packages of the evidence helps in maintaining the quality of evidence and ensures that the evidence is not tampered with while being delivered to the laboratory. It is also significant to take into consideration safety issues while packaging the evidence. Where the contents of the packages contain items that are likely to be hazardous it is critical to label such packages appropriately to avoid harm.

    Read More

  • Forensic Evidence Essay

    1204 Words  | 3 Pages

    Evidence collection is a crucial part of forensics. Its reliability can be compromised by input bias from law

    Read More

  • The Importance of Collection, Custody and Preservation of Forensic Evidence

    1566 Words  | 4 Pages

    An imperative aspect of the collection of physical evidence is the legal considerations involved with obtaining evidence, the law sets out strict guidelines which describe when evidence can be collected, who it can be obtained fr...

    Read More

  • Computer Forensic Tools

    895 Words  | 2 Pages

    The use of computers in homes, schools, offices, and other places has increased in the past few years due to technological developments. As computers have become important components of modern communication, their increased use has also led to the emergence of computer crimes. Computer crimes basically involve the use of a computer system to carry out an illegal activity. In attempts to lessen the frequency and impact of computer crimes, law enforcement agencies use computer forensic to investigate these offenses. Actually, computer crimes are governed by specific laws and dealt with through conducting a computer forensic investigation (Easttom & Taylor, 2011, p.337). Notably, a computer forensic investigation is usually carried out through the use of computer forensic tools, which help in collection of evidence based on the specific offense.

    Read More

  • What is Digital Forensic?

    2655 Words  | 6 Pages

    Digital Forensic is described as “ a forensic science encompassing the recovery and investigation of materials found in digital devices “ (“Introduction to Digital Forensics,” 2011). The objective of digital forensics is to implement a well-structured investigation while preserving a documented chain of custody and evidence custody form to know what really occurred on digital devices and who was accountable for it.

    Read More

  • Data Acquisition

    1744 Words  | 4 Pages

    The data a computer forensics acquisition tool collects is stored as an image file in one of three formats. Two formats are open source and the third is proprietary. Each vendor has unique features, so several different proprietary formats are available. Depending on the ...

    Read More

  • What Is Digital Forensics And Digital Evidence?

    1557 Words  | 4 Pages

    Physical evidence is any physical object that contains reliable information that supports a hypothesis about the incident. Digital evidence is physical or electronic information (such as a written or electronic documentation, computer log files, data, reports, physical hardware, software, disk images, objects and so on) are collected during the investigation conducted computer. Evidence includes, but is not limited to, computer files (such as log files or generated reports) and human-generated files (such as spreadsheets, documents, or eail

    Read More

  • Use of Technology in Police Departments

    1310 Words  | 3 Pages

    Technology has opened new encounters and opportunities for the criminal justice system. There are so many new practices of criminal activity, such as computer crimes. There are different types of computer crimes that many people become victims of every day. Computer crime is any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target ("Computer Crime: Chapter 2: What Are the Crimes?", n.d.). Crimes such as data diddling, pump and dump, social engineering and spoofing are computer crimes. Even though these crimes are difficult by privacy issues, the new technology has made investigations and prosecutions well organized and effective. Though views are different on the pros and cons of specific technological changes in the criminal justice system, there is an agreement the system has changed affectedly ("Effects of Technology in Criminal Justice | eHow", n.d.).

    Read More

  • Digital Evidence Essay

    827 Words  | 2 Pages

    The biggest challenge investigators face and who is involved with high tech crime is the fast-paced constant evolving nature of technology. When companies come out with new devices or new versions of old devices which is almost all the time, and those who gather digital evidence must remain current to be able to locate and preserve all potential evidence. As technology evolves the capacities of these devices will rapidly increase while their form factor grows continually smaller. Investigators must preserve digital evidence to make sure it is suitable for presentation in court as well. Investigators must first never change a crime scene or alter evidence. It is their goal to document and preserve the scene exactly as it was when the crime occurred. Extreme caution and care is needed because the mere act of documenting or cataloging a crime scene means that investigators are interacting with the scene. The second concern is the physical fragility of the evidence. Care must be taken to keep items from getting wet, stepped on etc, this can also be applied to digital evidence. Investigators have been able to examine hard disk drives that have been through fires because the drives are usually air and water tight and impervious to temperatures into the thousands of degrees. The third issue is that digital evidence can be lo...

    Read More

  • Physical Evidence In Criminal Investigation

    1086 Words  | 3 Pages

    In addition to, all criminal justice parties including lawyers, law enforcement officers, and forensic science analysis should be positive that the biological evidence has been properly stored, preserved, and tracked properly to prevent contamination. Biological evidence custodians require paying close attention to the evidence labeling and packaging, that way the evidence can efficiently locate from one location to another without degradation being

    Read More

  • Cybercrime Essay

    2700 Words  | 6 Pages

    Computer crime or Cyber Crime is defined as any type of crime that involves or regards a computer or computer network. Cyber Crime mainly means that the computer may be used as a tool in the commission of the crime or the computer may be the main target of the criminal’s crime. The rapid growth of technology and gadgets as well as the further de...

    Read More

More about Cyber Forensics Essay

Open Document