How To Collect And Analyze Data In Computer Forensics Case Study

… burgeoning field of computer or digital forensics has multiple applications. As Carroll, Brannon & Song (2008a) point out, the two primary functions of computer forensics are data extraction and data analysis. As with other areas of forensics, methodologies in computer forensics include scientific methods of data collection, data preservation, and data analysis, with the ultimate goals of documentation or presentation in accordance with the needs and demands of the investigative team. Although computer forensics is relatively new compared to other branches of the field, the methods whereby digital data can be collected and analyzed are systematic to ensure accuracy and validity. Computer forensics experts should become familiar with the latest operating systems for the purposes of data collection and preservation. For example, Carroll, Brannon & Song (2008b) note that Microsoft Vista's BitLocker provides encrypted storage, which has direct ramifications for data extraction and collection by law enforcement. It is also critical that forensics experts become cognizant of the legal protections provided to users and the subsequent legal constraints on data extraction from personal devices. Case law studies on computer forensics highlight some of the core constraints on data collection and its use in courts of law. Littlefield...

This type of procedure helps the data become more robust.
Researchers highlight the importance of regular training and updating of skills in using various operating systems and understanding system architectures to maximize the efficiency and accuracy of forensics procedures. It may be far preferable to engage a team of highly trained law enforcement personnel than to call upon outsiders and consultants for use in trials (Littlefield, 2008). Case studies reveal the importance of taking into account different overlapping variables including where the files are located, when they were last created, edited, or saved, and how to access a computer's virtual memory for especially sensitive data.

Carroll, Brannon & Song (2008) point out some of the problems inherent in analyzing and collecting large amounts of data, such as at the enterprise level. Copies of data must be made in accordance with chain of custody rules. Forensics experts should never, according to Carroll, Brannon & Song (2008), except in extreme circumstances, work with the original copies of the material in order to preserve their integrity and maximize their potential use in court. Some…

References

Carroll, O.L., Brannon, S.K. & Song, T. (2008a). Computer forensics. United States Attorneys' Bulletin 56(1): 1-8.

Carroll, O.L., Brannon, S.K. & Song, T. (2008b). Vista and BitLocker and Forensics, Oh My! United States Attorneys' Bulletin 56(1): 9-28.

Carroll, O.L., Brannon, S.K. & Song, T. (2008c). Managing large amounts of electronic evidence. United States Attorneys' Bulletin 56(1): 46-59.

Littlefield, M.J. (2008). Demystifying the computer forensic process for trial. United States Attorneys' Bulletin 56(1): 29-45.