Saturday, September 24, 2016

The Field Of Computer Forensics

By Shirley Hayes


Computers are being adopted at a very high rate in government, corporate, and personal processes worldwide, something that is leading to a new form of crime called cybercrime. For a crime to qualify as cybercrime, it must have been facilitated by the use of a computing device. To counter cybercrime, a new field of study called computer forensics has been formulated. This field is growing at a fast rate worldwide as cases of cybercrime continue to grow.

This field also goes by the name computer forensic science. Albemarle, NC, is home to some of the best experts in this field. Computer forensic science is a branch within the field of digital forensic science. As a field of study, it pertains to all evidence gathered from computing devices and digital storage media. Experts in this field aim to collect, analyze, and report on digital data in a way that is legally admissible. They use data that is stored digitally to prevent and detect crime.

In the current way of life, the application of computer forensic science is almost in all professions. The professions in which this science does not apply are countable. Law enforcement agencies are the earliest bodies to have used CF in their operations. These agencies also remain to be the heaviest user of this science, contributing enormously to developments observed in the field.

There are several different scenarios in which computers can be crime scenes. For instance, during a hacking or denial of service attack, the computer in question often becomes the crime scene. Computers can also be sources of useful evidence in the form of internet history, documents, and emails, which may be relevant in crimes such as drug trafficking, kidnapping, and murder.

The scope of CF goes well beyond retrieving emails and files from computers. It involves analyzing metadata to collect more useful information from these documents. Information contained in metadata can be used to know the exact date a file first appeared on a computer. It is also possible to know the last date of access, printing, editing, and saving. The user who carried all the aforementioned activities can also be known through metadata.

CF has been employed by commercial organizations in the recent past for meet organizational goals. Commercial organizations use this field in various cases, including intellectual property theft, fraud investigations, forgeries, industrial espionage, and employment disputes. Some additional cases that are handled using CF are bankruptcy investigations, internet use in workplaces, inappropriate emails in workplaces, and regulatory compliance.

Investigation in this field employs several different techniques. These techniques include cross-drive analysis, stochastic forensics, steganography, live analysis, and deleted files. The correlation of information gathered from multiple hard drives is done under cross-drive analysis.

There six different steps making up the process of CF examination. The steps are readiness, evaluation, analysis, presentation, review, and collection. The steps are not listed in a chronological order. Most professionals overlook the readiness step, although it is equally important. The major issues faced in this field can be categorized broadly as technical, administrative, and legal.




About the Author:



No comments:

Post a Comment