2. Digital Forensics
Digital forensics is the science of identifying evidence from digital sources
and which provides the forensic experts with robust tools and techniques to
solve complicated digital-related crimes (Carrier, B., 2002).
There are 2 compulsory criteria prior to the admission in court: (1) relevant
to the case and (2) must use scientific methods and procedures.
Due to lack of care in gathering evidence can result to not only as
meaningless evidences but heavy penalties to forensics expert team such as
charges in terms of civil rights and falsifying allegations based on no factual
evidence.
3. Process of digital forensics:
Fig 1: Process of digital forensics (Dr J.
Haggerty, no date)
4. The process of computer forensics during
investigation (Dr J. Haggerty, no date) :
Starts here
Starts here
Preservation
Identify tools & methods
Identification
Use tools & methods
Extraction
Documentation
Ends here
Ends here
Interpretation
Fig 2: Process of Computer forensics
5. Examples of scientific detection tools
available to detect hidden data :
Fig 3: WetStone Technologies’ Gargoyle (Kessler, G. C., 2004) Fig 4: Niels Provos’s stegdetect (Niels Provos, 2004)
6. How to check the reliability of the
data found?
Digital evidence has a requirement to undergo a ‘Daubert’ hearing by law
prior to being formally presented in court. In this a pre-trial session, the
judge decides whether the tools and methods used to collect, analyse and
retrieve the digital evidence is viable and can be presented in court
(Carrier, B., 2002).
The Daubert guidelines involve 4 stages (Carrier, B., 2002):
Testing Error rate Publication Acceptance
Fig 5: Daubert accuracy guidelines stages
7. Professional, ethical and legal issues
As computer forensics consists of a series of complex phases, evidence need to
be carefully gathered and securely stored for investigation. During this
process, integrity of information obtained should not be compromise or altered
at any cost.
1. Professional – The investigator plays an essential and effective role during
this investigation. Any mistake from their part will lose all the validity and
relevancy to the case as well as will reject by the Daubert hearing (Digital
Forensics Magazine, 2010).
2. Ethical - a collection of guided moral principles for the usage of computers
& issues of computer forensics faces are privacy concerns, how computers
affect society etc (Digital Forensics Magazine, 2010).
3. Legal - As technologies are evolving at a high speed & now can find small
and yet powerful computers or devices which pose several legal standard
challenges for forensics experts in identifying & extracting information.
8. References:
Fig 1: Dr J. Haggerty, no date. Digital forensics: Digital forensic process. Available
at: http://www.cse.salford.ac.uk/profiles/haggerty/forensics.php [Accessed on
16/10/2011]. Fig 3: Kessler, G. C., 2004. WetStone Technologies’ Gargoyle.
Available at:
<http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.90.8113&rep=rep1&typ
e=pdf > [Accessed on 16/10/2011].
Fig 4: Niels Provos, 2004. Niels Provos’s stegdetect. Available at:
<http://www.outguess.org/detection.php > [Accessed on 17/10/2011].
Carrier, B. (2002). Open Source Digital Forensics Tools. Citeseerx[Online paper].
Available at: : <http://www.digital-
evidence.org/papers/opensrc_legal.pdf>[Accessed on 16/10/2011]. Daniel J.R and
G. Shpantzer (2005). Legal Aspects of Digital Forensics. Available at:
http://euro.ecom.cmu.edu/program/law/08-732/Evidence/RyanShpantzer.pdf>
[Accessed on 17/10/2011]. Dr J. Haggerty(no date). Digital forensics. Available at:
http://www.cse.salford.ac.uk/profiles/haggerty/forensics.php [Accessed on
16/10/2011]. Digital Forensics Magazine(2010). Ethics in Computer Forensics.
Available at:
<http://www.digitalforensicsmagazine.com/index.php?option=com_content&view=a
rticle&id=540> [accessed on 17/10/2011].