Computer Forensic Investigation

1451 Words3 Pages
bulb-icon

Recommended: Digital evidence important to an investigation

Digital evidence shall be treated like other evidence but more sensitive due to the possibility of the data or evidence being corrupted. Digital evidence deals with a large amount of personal information and requires special training or tools to ensure its validity. A computer forensic investigation utilizes all means necessary to retrieve all evidence is maintained, custody is established, and the proper procedures are put in place so that nothing is compromised. The National Institute of Standards and Technology (NIST) an investigator will need to follow an uncompromising code of procedures. These procedures are a part of a layered defense and are set up to divert any modifications to the source disk. A very common hardware or software tool …show more content…

Planning is critical in making sure that your team has way forward and knows the right tools to bring to the job. Time is critical when collecting evidence because some evidence could be altered manipulated or even deleted. Additionally, creating a targeted workflow for your computer forensic team can cut the cost and reduce the time on a crime scene saving money. Acquisition, is a process that extremely important because it begins with the chain of custody and images the disk or electronic devices. #### Next, extraction and collection takes a forensic team deep inside the digital evidence pulling data out of computers, servers or electronic devices necessary to cyber forensics. The collection of the evidence is a pivotal step in this process because any evidence that can be collected appropriately and that is relevant to the case at hand can be beneficial for law enforcement. In addition to collecting digital evidence some cyber forensics teams may have to conduct traditional forensics so it is good practice to train on these types forensics as well. Teams should begin to collect data or electronic media in the following order: Central Processing Unit, cache and registered content; routing table, process table, and kernel statistics; memory; temporary file systems; hard disk data; remote logged data; data contained on archival media. (Best Practices in Digital Evidence Collection, 2009) Another challenge is collecting on mobile devices because of the constant changing of technology. Analyzation and exploitation deal with analyzing data that is collected and ensuring that it is exploited to subdue the criminal if necessary. Lastly, once the analysis is complete the final step in the cyber forensic process is reporting. Being able to draft a report to convict a cyber-criminal in deterring

Show More
Related

  • Physical And Environmental Security Impact On Forensics Investigations

    1934 Words  | 4 Pages

    Forensics investigations that require the analyzation and processing of digital evidence can be influenced both positively and negatively by a number of outside sources. In this paper, we will explore how physical security plays a role in forensics investigations activities. We will start by examining how physical and environmental security might impact the forensics investigation process. Next, we will discuss the role that physical and logical security zones play in supporting effective forensics activities. We will illustrate how centralized and decentralized physical and environmental security affects the forensics professional’s approach toward the investigation. Lastly, we will evaluate some potential areas of risk related to the physical security of our case study organization, Widget Factory, identified in Attachment 1.

    Read More

  • Forensic Science Technician Research Paper

    822 Words  | 2 Pages

    Some common activities are being able to identify objects, actions, and events while recording down the information. Another major one is communicating with each other so the task will be done efficiently. More specific activities that are known to be done are collecting and keeping the physical evidence to be properly stored and used later to inspect. Crime scenes must also be reconstructed to find the tie between the evidence and suspect. The last one is examining, testing, or analyzing the evidence and data to reach a

    Read More

  • Using Forensic Science to Identify Criminals

    1906 Words  | 4 Pages

    Rape, murder, theft, and other crimes almost always leave a devastating mark on the victim. More often than not, it would be impossible to identify the perpetrator a crime without forensic science and the technology it uses. Forensic science allows investigators to unmask the secrets of the crime scene. Evidence gathered at the crime scene helps to identify the guilty party, murder weapon, and even the identity of the victim (Harkawy, 1991: 276). The new technologies enables the forensic experts to have better and faster access to accumulated information, to be more accurate in the identification of victims or delinquents, and minimizes the possibility of wrongful accusations. New technology has improved the methods and techniques that forensic scientists and law enforcement investigators use, in order to provide a safer environment for other people. Information technology is one of the most important aspects in forensic science. It is very important for the forensic experts to receive the undisturbed evidence, such as fingerprints left at the crime scene, as quickly as possible, for more accurate readings. Thus using space technology, such as satellite communication, enables the forensic experts to "gather and digitize evidence at the crime scene, enter it into an on-site computer, and beam the data to a crime lab for swift analysis" (Paula, 1998: 12). Therefore, due to the use of this technology, forensic experts in laboratories can examine the evidence in short time, and the possibility of damage or unlawful manipulation of the evidence before the trial is minimal (Paula, 1998: 12). More often than not, "criminals" wear gloves at the time of the crime, thus to obtain a fingerprint...

    Read More

  • Forensic Evidence: CSI Analysis

    1516 Words  | 4 Pages

    The Crime Scene Investigation (CSI) Effect is a phenomenon in which television programs that feature forensic science, such as CSI: Crime Scene Investigation, Criminal Minds and the Law and Order franchise, have influenced the approach jurors use to assess evidence in a criminal trial. This poses a challenge when prosecuting a defendant as it gives jurors improbable expectations. As the use of DNA (DeoxyriboNucleic Acid) testing, hand writing analysis, and testing of gunshot residue has become prevalent in television programs, jurors have come to expect the use of such testing in trials, which, in turn, has influenced the way cases are investigated and prosecuted, but has not necessarily influenced the rate of acquittals and convictions.

    Read More

  • Forensics in the Criminal Justice System

    334 Words  | 1 Pages

    The criminal justice system has changed a lot since the good old days of the Wild West when pretty much anything was legal. Criminals were dealt with in any fashion the law enforcement saw fit. The science of catching criminals has evolved since these days. We are better at catching criminals than ever and we owe this advancement to forensic science. The development of forensic science has given us the important techniques of fingerprinting and DNA analysis. We can use these techniques to catch criminals, prove people's innocence, and keep track of inmates after they have been paroled. There are many different ways of solving crimes using forensic evidence. One of these ways is using blood spatter analysis; this is where the distribution and pattern of bloodstains is studied to find the nature of the event that caused the blood spatter. Many things go into the determination of the cause including: the effects of various types of physical forces on blood, the interaction between blood and the surfaces on which it falls, the location of the person shedding the blood, the location and actions of the assailant, and the movement of them both during the incident. Another common type of forensic evidence is trace evidence. This is commonly recovered from any number of items at a crime scene. These items can include carpet fibers, clothing fibers, or hair found in or around the crime scene. Hairs recovered from crime scenes can be used as an important source of DNA. Examination of material recovered from a victim's or suspect's clothing can allow association to be made between the victim and other people, places, or things involved in the investigation. DNA analysis is the most important part of forensic science. DNA evidence can come in many forms at the crime scene. Some of these forms include hair; bodily fluids recovered at the crime scene or on the victim's body, skin under the victim's fingernails, blood, and many others. This DNA can be the basis of someone's guilt or innocence; it has decided many cases in the twentieth century. As the times continue to change and the criminals get smarter we will always need to find new ways to catch them. Forensic science is the most advanced method yet, but is only the beginning. As the field of science grows so will the abilities of the

    Read More

  • Use of Technology in Police Departments

    1310 Words  | 3 Pages

    Technology has opened new encounters and opportunities for the criminal justice system. There are so many new practices of criminal activity, such as computer crimes. There are different types of computer crimes that many people become victims of every day. Computer crime is any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target ("Computer Crime: Chapter 2: What Are the Crimes?", n.d.). Crimes such as data diddling, pump and dump, social engineering and spoofing are computer crimes. Even though these crimes are difficult by privacy issues, the new technology has made investigations and prosecutions well organized and effective. Though views are different on the pros and cons of specific technological changes in the criminal justice system, there is an agreement the system has changed affectedly ("Effects of Technology in Criminal Justice | eHow", n.d.).

    Read More

  • The Importance of Collection, Custody and Preservation of Forensic Evidence

    1566 Words  | 4 Pages

    Collection of evidence is usually a term designated to refer to the collection of physical evidence, government agencies such as police or environmental protection departments will have their own methods for the collection, storage and conservation of physical evidence and it is the responsibility of forensic personnel to adhere to these set guidelines. General principles which are shared amongst various agencies include, the creation of contemporaneous notes, recording the collection of evidence via photographing, videotaping and/or audiotapes, preserving the crime scene by sealing off the location and only allowing designated personnel to enter, avoiding contamination of the crime scene by investigators through the use of full body covering and also preventing cross-contamination with the scene and any suspects.

    Read More

  • Collecting the Evidence From a Crime Scene

    1095 Words  | 3 Pages

    The amount of evidence can either help win or lose a case. Every crime scene has evidence available for officers to collect. It is important for them to know what the standard protocol is for collecting evidence and how to properly collect it without contamination.

    Read More

  • Computer Forensic Tools

    895 Words  | 2 Pages

    The use of computers in homes, schools, offices, and other places has increased in the past few years due to technological developments. As computers have become important components of modern communication, their increased use has also led to the emergence of computer crimes. Computer crimes basically involve the use of a computer system to carry out an illegal activity. In attempts to lessen the frequency and impact of computer crimes, law enforcement agencies use computer forensic to investigate these offenses. Actually, computer crimes are governed by specific laws and dealt with through conducting a computer forensic investigation (Easttom & Taylor, 2011, p.337). Notably, a computer forensic investigation is usually carried out through the use of computer forensic tools, which help in collection of evidence based on the specific offense.

    Read More

  • Data Acquisition

    1744 Words  | 4 Pages

    Live acquisition: The future of data acquisitions is shifting toward live acquisitions because of the use of disk encryption with newer operating systems (OSs). In addition to encryption concerns, collecting any data that’s active in a suspect’s computer RAM is becoming more important to digital investigations. The processes and data integrity requirements for static and live acquisitions are the same. The only shortcoming with live acquisitions is not being able to perform repeatable processes, which are critical for collecting digital evidence.

    Read More

  • What Is Digital Forensics And Digital Evidence?

    1557 Words  | 4 Pages

    What did they do ? Before we talk about it any further, we have to know some definitions that we use in digital forensics and digital evidence, not only two of them but the others too. This chapter will explain about it . Before we talk about it any further, we have to know the definition of what we are talking about. In the introduction we already know what digital forensic and digital evidence shortly are. In this chapter, we will more explore what they are, and some state that we found when we search about digital forensic and digital evidence. Computer forensics is a broad field and applied to the handling of crimes related to information technology. The goal of computer forensic is to securing and analyzing digital

    Read More

  • Forensic Science History Essay

    836 Words  | 2 Pages

    Forensic science has now been recognized as an important part of the law enforcement team to help solve crimes and cold cases. The advances in technology are being used each day and we must continue to strive to develop better advances in this field. The recent discovery of using DNA in criminal cases has helped not only positively identify the suspect, but it has helped exonerate hundreds of innocent individuals. “With new advances in police technology and computer science, crime scene investigation and forensic science will only become more precise as we head into the future.” (Roufa, 2017) Forensic science and evidence helps law enforcement officials solve crimes through the collection, preservation and analysis of evidence. By having a mobile crime laboratory, the scene gets processed quicker and more efficiently. Forensic science will only grow in the future to be a benefit for the criminal justice

    Read More

  • Essay On The Criminal Investigation Process

    1078 Words  | 3 Pages

    The process of gathering evidence largely depends on the role of discretion by the police. Once police have decided to pursue a reported crime, they then begin the process of gathering evidence. To ensure that the process of gathering evidence is lawful, the police must follow the procedure outlined in the Evidence Act 1995 (NSW), which describes the manner in which evidence can be collected. This act imposes certain limits on the way police can gather evidence and the types of evidence that can be used. The Act is able to protect the rights of citizens by making it a requirement for the police to gain necessary legal documentation, such as search warrants, in order to obtain some types of evidence and thus, protects the rights of ordinary systems. In more recent times, the use of technology has come to play a major role in the gathering of evidence and with this comes complications in the law. New technologies in relation to the criminal investigation process are mainly in reference to DNA evidence, genetic material that can place a suspect at the scene of a crime. The introduction of DNA evidence into the criminal investigation process has been extremely effective in achieving justice, as it is able to secure convictions. Initially, there were some setbacks to the use of DNA evidence

    Read More

  • Digital Evidence Essay

    827 Words  | 2 Pages

    The biggest challenge investigators face and who is involved with high tech crime is the fast-paced constant evolving nature of technology. When companies come out with new devices or new versions of old devices which is almost all the time, and those who gather digital evidence must remain current to be able to locate and preserve all potential evidence. As technology evolves the capacities of these devices will rapidly increase while their form factor grows continually smaller. Investigators must preserve digital evidence to make sure it is suitable for presentation in court as well. Investigators must first never change a crime scene or alter evidence. It is their goal to document and preserve the scene exactly as it was when the crime occurred. Extreme caution and care is needed because the mere act of documenting or cataloging a crime scene means that investigators are interacting with the scene. The second concern is the physical fragility of the evidence. Care must be taken to keep items from getting wet, stepped on etc, this can also be applied to digital evidence. Investigators have been able to examine hard disk drives that have been through fires because the drives are usually air and water tight and impervious to temperatures into the thousands of degrees. The third issue is that digital evidence can be lo...

    Read More

  • What is Digital Forensic?

    2655 Words  | 6 Pages

    Digital Forensic is described as “ a forensic science encompassing the recovery and investigation of materials found in digital devices “ (“Introduction to Digital Forensics,” 2011). The objective of digital forensics is to implement a well-structured investigation while preserving a documented chain of custody and evidence custody form to know what really occurred on digital devices and who was accountable for it.

    Read More

More about Computer Forensic Investigation

Open Document