COMPUTER FORENSICS

By B.C.Sangeetha

Table of Contents
Introduction History of Computer Forensics What is Computer Forensics Goals of Computer Forensics Digital Evidence Categories of Evidence Advantages and Disadvantages of Computer Forensics Applications of Computer Forensics Skills required for Computer Forensics Conclusion References

Introduction
Computer forensics (sometimes known as computer forensic science) is a branch of digital forensic science pertaining to legal evidence found in computers and digital storage media. It is a Scientific process of Preserving, Identifying, Extracting, Documenting.

History of Computer Forensics

1970s-First crimes cases involving computers, mainly financial fraud 1980s -Financial investigators and courts realize that in some cases all the records and evidences were only on computers. 1984-FBI Magnetic Media Program created. Later it become Computer Analysis and Response Team (CART) 1987 Acces Data Cyber Forensic Company formed 1993- First International Conference on Computer Evidence held 1995- International Organization on Computer Evidence (IOCE) formed.

History of Computer Forensics

1997-The G8 countries in Moscow declared that Law enforcement personnel must be trained and equipped to address high-tech crimes. 1998-In March G8 appointed IICE to create international principles, guidelines and procedures relating to digital evidence 1999-FBI CART case load exceeds 2000 cases, examining 17 terabytes of data 1998-In March G8 appointed IICE to create international principles, guidelines and procedures relating to digital evidence 1999-FBI CART case load exceeds 2000 cases, examining 17 terabytes of data 2000-First FBI Regional Computer Forensic Laboratory established 2003-FBI CART case load exceeds 6500 cases, examining 782 terabytes of data.

What is Computer Forensics??

Computer forensics, also called cyber forensics, is the application of computer investigation and analysis techniques to gather evidence suitable for presentation in a court of law. In the field of computer forensics, crucial data can be gathered from dozens of sources. These sources may include computer messaging, e-mails, the Internet, tapes CDs, Pen drives, or printouts

Goals of Computer Forensics

Evidence Collection: Analysis: Reporting:

Federal bureau of Investigation logo

Digital Evidence
Digital evidence or electronic evidence before accepting digital evidence a court will determine if the evidence is relevant, whether it is authentic, if it is hearsay and whether a copy is acceptable or the original is required. Ex:Latent as Fingerprint or DNA The use of digital evidence has increased in the past few decades as courts have allowed the use of e-mails, digital photographs, ATM transaction logs, word processing documents, instant message histories, internet browser histories, computer backups, computer printouts e.t.c

Categories of Evidence
There are two categories of Evidence. They are

DNA Evidence

Crime Evidence

EQUIPMENTS USED FOR DIGITAL EVIDENCE

Advantages and Disadvantages of Computer Forensics

Advantages:
Ability to search through a massive amount of data. Quickly Thoroughly In any language

Disadvantages:
must prove that there is no tampering all evidence must be fully accounted for computer forensic specialists must have complete knowledge of legal requirements, evidence handling and storage and documentation procedures

Applications of Computer Forensics

Criminal Domestic Security Marketing

Skills required for Computer Forensics

To start a computer forensics career, you'll likely need a computer forensics degree or a related degree (e.g., computer science, criminal justice or engineering). Cryptology Reverse software engineering Investigative techniques Computer forensics tools, such as password crackers, email converters, or the EnCase or Forensic Toolkit (FTK) software applications.

Conclusion
Hence, by this technology of computer forensics, crime cases can be solved very easily within a very short time span and the accused is easily caught by the sure shot evidences. The reasons behind the crime scene can be easily determined and solved in various situations and scenarios.

QUESTIONS??

References:
www.compforensics.com/references.htm en.wikipedia.org/wiki/Computer_forensics books.google.co.in/books?isbn=1584503890 www.edrm.net/resources/glossary/c/compute r-forensics www2.opensourceforensics.org/node/95

THANKS FOR YOUR ATTENTION