Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • Computer Forensics

    Încărcat de

    api-327206621
    88 vizualizări3 pagini

    Titlu original

    computer forensics

    Drepturi de autor

    © © All Rights Reserved

    Formate disponibile

    DOCX, PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca DOCX, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    88 vizualizări3 pagini

    Computer Forensics

    Încărcat de

    api-327206621

    Drepturi de autor:

    © All Rights Reserved
    Descărcați ca DOCX, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 3

    COMPUTER

    FORENSICS

    Forensic computing is nothing but process of identifying, preserving, analysing and


    presenting the digital evidence in the form of legally acceptable manner.
    Following are the four stages involved in it:

    IDENTIFICATION:
    In this process, identification of things like whether any evidence is
    present, how it is stored, where it is stored and which operating system is
    used for it. By accessing this information, the tools, appropriate recovery
    methodologies used are easily identified by the investigator.

    PRESERVATION:
    Here in this step, the preservation of integrity of digital evidence and
    ensuring custody chain is not broken. Using reproducible methodologies,
    the data has to be preserved (copied) on stable media like CD-ROM.
    Documentation of all steps taken to capture the data must happen. If
    there are any changes to the evidence then they should be documented,
    including about the change and why it was changed. In the court of law,
    you may need to prove integrity.

    ANALYSIS:
    In the analysis step, reviewing and examining the data should be there.
    The major use of it is maintaining the integrity whilst examining the
    changes by copying this data onto CD-ROM.

    PRESENTATION:
    In this process the evidence is presented in a legally acceptable and
    understandable manner. This process plays a major role when the jury
    who may have least computer experience, can understand well when
    presented reflects originality.

    COMPUTER FORENSICS MEANS?


    Computer forensics is simply the application of disciplined investigative
    techniques in the automated environment and the search, discovery, and
    analysis of potential evidence. It is the method used to investigate and
    analyse data maintained on or retrieved from electronic data storage
    media for the purposes of presentation in a court of law, civil or
    administrative proceeding.

    ORIGIN OF COMPUTER FORENSICS:


    Michael Anderson
    He is the Father of computer forensics

    He worked as special agent with IRS

    In 1988 meeting (Portland, Oregon)


    The IACIS is created, the International Association of Computer
    Investigative Specialists
    Also, first Seized Computer Evidence Recovery Specialists (SCERS)
    classes held

    NECESSITY OF COMPUTER FORENSICS:


    The computer forensics has become vital in the corporate world. There
    can be theft of the data from an organization in which case the
    organization may sustain heavy losses. For this purpose, computer
    forensics are used as they help in tracking the criminal. The need in the
    present age can be considered as much severe due to the internet
    advancements and the dependency on the internet.
    The computer forensics is also efficient where in the data is stored in a
    single system for the backup. The data theft and the intentional damage
    of the data in a single system can also be minimized with the computer
    forensics.

    IMPORTANCE OF COMPUTER FORENSICS:


    (1) Persistent data (2) Volatile data are the two basic types of data
    collected in this computer forensics.

    RECOVER DATA THAT YOU THOUGHT WAS LOST FOREVER


    ADVICE YOU ON HOW TO KEEP YOUR DATA AND INFORMATION SAFE
    FROM THEFT OR ACCIDENTAL LOSS
    EXAMINE A COMPUTER TO FIND OUT WHAT ITS USER HAS BEEN
    DOING
    SWEEP YOUR OFFICE FOR LISTNENING DEVICES
    HI-TECH INVESTIGATION
    APPLICATIONS OF COMPUTER FORENSICS:
    FINANCIAL FRUAD DETECTION:
    Corporates and banks can be detecting financial frauds with the
    help of evidence collected from systems. Also, insurance
    companies can detect possible fraud in accident, arson, and
    workmans compensation cases with the help of computer evidence.

    CRIMINAL PROSECUTION:
    Prosecutors can use computer evidence to establish crimes such
    as homicides, drug and false record-keeping, financial frauds, and
    child pornography in the court of law.

    CIVIL LITIGATION:

    Personal and business records found on the computer systems


    related to fraud, discrimination, and harassment cases can be used
    in civil litigations.

    CORPORATE SECURITY POLICY AND ACCEPTABLS USE


    VIOLATIONS:

    A lot of computer forensic work done is to support


    management and human resources (HR) investigations of employee
    abuse.
    ARTICLE PUBLISHED BY MANOJ.I, PURSUING B-TECH IN MITS.
    .

    S-ar putea să vă placă și