Digital Forensics Sachin Durgaiah University of Texas at Dallas Abstract: This paper starts with the history of Digital Forensics since when it is being used. The paper then moves to the process of digital forensics and its limitation. We shall look into the legal methods of computer forensics and also how to overcome the disadvantages of computer forensics. Introduction: Digital forensics is mainly used in investigating the data found on electronic devices. Digital forensics has its core application in computer crime. Let look at the history of Digital forensics. It all started during the 1970s and early 1980s. The first crime involving computer came to light in the 1978 in Florida. This crime included unauthorized modification of important …show more content…
During the 1980s the investigators used few specialized tools. They often did live analysis on media using existing sysadmin tools which was to extract evidence. But this method had the risk of data modification. This problem was addressed in the 1900s. There soft wares that was developed called “SafeBack” which overcame this problem. More recently soft wares for mobile devices have been developed. Initially investigators used to access the data directly on the device, but soon this was overcome by the use of Radio Tactics Aceso …show more content…
This incident happened in Canada. Where a teen’s body was found. There were no evidence about how to put the suspects behind bars. The suspects were her class mates. While they had burned her body but the trails remained on the spot. So, they had to dump her body elsewhere. Which they did. The investigators faced problems in finding evidence. Then the investigators used the help of digital forensics field. The digital forensics field could secure their browser history, messages sent from the cellphones, a confession on World of Warcraft chat, GPS data associated with a message sent from the spot of murder, google map searches for places to dump a body. These evidences helped the investigators to put the two teen behind bars. Now let’s look at few tools that are used in the field of digital forensics [1] like disk and data capturing tools, Internet analysis tools, hidden file viewers, deleted email recovery and analysis tools and network traffic analysis tools. Now let’s look at few techniques that are used in digital forensics. 1. Digital forensic
The book gives a general overview of the field of forensic science. The sections of the book include “The Scene of the Crime; Working the Scene--The Evidence; Working the Scene of the Body Human; Working the Scene--Different Stages; and Working the Scene--Different Skills (Genge vii-viii). Included are instructions on what professionals should do upon arriving at a crime scene, what items to bring with them, how to protect the crime scene, and how to protect the evidence from contamination. In addition to writing about the subject of forensic science, the author also included several appendixes and suggested readings to help the reader learn even more information about the subject. In addition, the author included a list of colleges that offer programs in the field of forensic science.
Forensics investigations that require the analyzation and processing of digital evidence can be influenced both positively and negatively by a number of outside sources. In this paper, we will explore how physical security plays a role in forensics investigations activities. We will start by examining how physical and environmental security might impact the forensics investigation process. Next, we will discuss the role that physical and logical security zones play in supporting effective forensics activities. We will illustrate how centralized and decentralized physical and environmental security affects the forensics professional’s approach toward the investigation. Lastly, we will evaluate some potential areas of risk related to the physical security of our case study organization, Widget Factory, identified in Attachment 1.
As far back as 1832, James Marsh was the first to use forensics at trial to give evidence as a chemist in 1832. Since that time forensic science and evidence has come a long way in various ways and technology to help in determine if the suspect is guilt or not, through such things as DNA testing, blood, and fingerprints. The first forensic police crime lab was created in 1910. The contributions of Dr. Edmond Locard, a French scientist and criminologist, proposed that “everything leaves a trace”. This principle is still valid today as it was so many years ago. No matter how small, the specialized trained technicians and investigators can take these methods and go to a crime scene to get evidence. “Forensic science is the application of sciences such as physics, chemistry, biology, computer science and engineering to matters of law.” (Office of Justice, 2017) These different sciences can help achieve and assist in solving a case. Forensic science has also the ability to prove that a crime was committed, it can find the elements of the crime, it can help place the suspect at the scene and whether the suspect had any contact with the victim. However, in the last several years the techniques and with the use of technology the evidence that forensic science uncovers can also exonerate an innocent individual who has been falsely accused of the
The last type of evidence I will discuss are documents. Everyone has a different handwriting and different characteristics that make it unique. Computers are also unique in the way they type and print out things. Document examiners can look over these and establish the similarities in the handwriting and computer forensic specialists can extract logs and other data from most devices.
There is a wide range of Linux forensic software available. There are single tools like file carvers, or there are comprehensive collections of tools. In the following, some of the most popular Linux forensic tools are described. The focus is put on The Sleuth Kit because it is organized according to the different filesystem layers. This provides an interesting insight on how forensics is done on filesystems.
“Advance in Forensics Provide Creative Tools for Solving Crimes.” www.ctcase.org. Np. n.d. Web. 17 March 2014.
Forensic Science, recognized as Forensics, is the solicitation of science to law to understand evidences for crime investigation. Forensic scientists are investigators that collect evidences at the crime scene and analyse it uses technology to reveal scientific evidence in a range of fields. Physical evidence are included things that can be seen, whether with the naked eye or through the use of magnification or other analytical tools. Some of this evidence is categorized as impression evidence2.In this report I’ll determine the areas of forensic science that are relevant to particular investigation and setting out in what method the forensic science procedures I have recognized that would be useful for the particular crime scene.
An imperative aspect of the collection of physical evidence is the legal considerations involved with obtaining evidence, the law sets out strict guidelines which describe when evidence can be collected, who it can be obtained fr...
In conclusion, computer crimes have increased in the recent past because of the proliferation of these devices due to technological advancements. This has in turn contributed to the emergence of computer forensics, which involves the use of various processes and tools to gather evidence that is admissible in a court. There are various types of computer forensic tools or programs with different features, costs, and areas of effectiveness. Similarly, there are various computer experts for various computer crime scenarios. Since these experts are only suitable for varying computer crime scenarios, the hourly costs of hiring them differ based on the specific details of the case.
In today’s time, modern Crime Scene Investigation has increased rapidly. From throughout the late 1900’s and in the early 2000’s (Taylor 1). For all of the evidence that they find, a solid foundation has formed over the thousands of years of Crime Scene
The data a computer forensics acquisition tool collects is stored as an image file in one of three formats. Two formats are open source and the third is proprietary. Each vendor has unique features, so several different proprietary formats are available. Depending on the ...
What did they do ? Before we talk about it any further, we have to know some definitions that we use in digital forensics and digital evidence, not only two of them but the others too. This chapter will explain about it . Before we talk about it any further, we have to know the definition of what we are talking about. In the introduction we already know what digital forensic and digital evidence shortly are. In this chapter, we will more explore what they are, and some state that we found when we search about digital forensic and digital evidence. Computer forensics is a broad field and applied to the handling of crimes related to information technology. The goal of computer forensic is to securing and analyzing digital
The biggest challenge investigators face and who is involved with high tech crime is the fast-paced constant evolving nature of technology. When companies come out with new devices or new versions of old devices which is almost all the time, and those who gather digital evidence must remain current to be able to locate and preserve all potential evidence. As technology evolves the capacities of these devices will rapidly increase while their form factor grows continually smaller. Investigators must preserve digital evidence to make sure it is suitable for presentation in court as well. Investigators must first never change a crime scene or alter evidence. It is their goal to document and preserve the scene exactly as it was when the crime occurred. Extreme caution and care is needed because the mere act of documenting or cataloging a crime scene means that investigators are interacting with the scene. The second concern is the physical fragility of the evidence. Care must be taken to keep items from getting wet, stepped on etc, this can also be applied to digital evidence. Investigators have been able to examine hard disk drives that have been through fires because the drives are usually air and water tight and impervious to temperatures into the thousands of degrees. The third issue is that digital evidence can be lo...
Forensic science has paved the way to a new world of technological advancements in solving crime, through DNA analysis, new technology such as M-Vac, improving systems such as CODIS and other investigative methods. As forensic science technology advances, the chance of an individual being able to commit a crime and walk away free without leaving any trace of evidence will lessen. While forensic science has its limitations, it can be the only way to provide an accurate account of what actually occurred at some crime scenes.
Today, technology has affected our global surroundings in a number of ways. Technology has created a more advanced society and economy. We use technology in every aspect of life today. New innovations and technology helps create a safer atmosphere and reduces the rate of crime. Technology is the usage and knowledge of techniques or is systems of these things. Usage of technology in the criminal justice system is not new but more apparent today. Technology in criminal justice will continue to challenge us to think about how we turn information into knowledge. Due to new technology, criminal investigations are able to maintain and improve their processes. Forensic science, DNA, other and future technology has all had a tremendous impact on criminal investigation and its process.