The Importance Of Digital Forensics

1003 Words3 Pages

The use of digital devices in everyday life is increasing as people integrate technology into their lives. It is estimated that as of 2010, the number of mobile phone subscribers has increased from 5 billion people around the world. In addition, new consumer devices, including tablet PCs and devices, will continue to be introduced Wi-Fi playback and media playback devices, as well as cars and devices capable of connecting to the Internet.
The proliferation of electronic devices in the community has led to the increasing presence of evidence collected from digital devices in criminal cases. Recent research reveals that it is possible to find cell phones and the possible evidence associated with them. In more than 50% of all violent crimes, …show more content…

Digital evidence Digital data stored in computers or digital systems or transmitted by them can be Use in proving or denying a crime may be digital or non-digital. The main aim of digital criminal analysis is to address digital crimes, which are committed using computer hardware or those located on digital systems or networks. Digital criminal analysis is the use of technology techniques in the criminal investigation of illegal cases, including the examination of the device or the target system, analysis of operations and retrieval of data and files in order to obtain a digital evidence used in legal …show more content…

• External storage media (USB).
• Router logs.
• Email messages.
• Records of conversations.
• Telephone devices.
• SIM card slot.
• Security Device Logs (Firewall or IDS intrusion detection devices).
• Database records.
Digital evidence varies according to information crime. For example, in cases of extortion via the Internet, e-mails and chat logs can be adopted as digital directories.

Dealing with digital evidence:
The first task a digital investigator should do is to create a mirror image of the hard disk bit image and then perform digital criminal investigations on the image taken rather than on the original device.
A matching image of the target system can be created using tools such as Forensic Toolkit or Encase. This process can also be done using free tools running on the Kali Linux operating system.

The DD tool ( disk to disk):

Is a command-line tool that is automatically found in the Linux kernel and is used to transfer and copy files between disks and can create a mirror image of the hard disk in the target device using the following instruction:

dd if = (-- removed HTML --) of = (-- removed HTML --) bs = (-- removed HTML --)

Example:

dd if = / dev / sda2 of = / dev / sdb2 bs =

Open Document