Digital Forensics Digital forensics is the science of identifying evidence from digital sources and which provides the forensic experts with robust tools and techniques to solve complicated digital-related crimes (Carrier, B., 2002). There are 2 compulsory criteria prior to the admission in court: (1) relevant to the case and (2) must use scientific methods and procedures. Due to lack of care in gathering evidence can result to not only as meaningless evidences but heavy penalties to forensics expert team such as charges in terms of civil rights and falsifying allegations based on no factual evidence.
Process of digital forensics: Fig 1: Process of digital forensics (Dr J. Haggerty, no date)
The process of computer forensics duringinvestigation (Dr J. Haggerty, no date) : Starts here Starts here Preservation Identify tools & methods Identification Use tools & methods Extraction Documentation Ends here Ends here Interpretation Fig 2: Process of Computer forensics
Examples of scientific detection toolsavailable to detect hidden data :Fig 3: WetStone Technologies’ Gargoyle (Kessler, G. C., 2004) Fig 4: Niels Provos’s stegdetect (Niels Provos, 2004)
How to check the reliability of thedata found? Digital evidence has a requirement to undergo a ‘Daubert’ hearing by law prior to being formally presented in court. In this a pre-trial session, the judge decides whether the tools and methods used to collect, analyse and retrieve the digital evidence is viable and can be presented in court (Carrier, B., 2002). The Daubert guidelines involve 4 stages (Carrier, B., 2002): Testing Error rate Publication Acceptance Fig 5: Daubert accuracy guidelines stages
Professional, ethical and legal issuesAs computer forensics consists of a series of complex phases, evidence need tobe carefully gathered and securely stored for investigation. During thisprocess, integrity of information obtained should not be compromise or alteredat any cost.1. Professional – The investigator plays an essential and effective role during this investigation. Any mistake from their part will lose all the validity and relevancy to the case as well as will reject by the Daubert hearing (Digital Forensics Magazine, 2010).2. Ethical - a collection of guided moral principles for the usage of computers & issues of computer forensics faces are privacy concerns, how computers affect society etc (Digital Forensics Magazine, 2010).3. Legal - As technologies are evolving at a high speed & now can find small and yet powerful computers or devices which pose several legal standard challenges for forensics experts in identifying & extracting information.
References: Fig 1: Dr J. Haggerty, no date. Digital forensics: Digital forensic process. Available at: http://www.cse.salford.ac.uk/profiles/haggerty/forensics.php [Accessed on 16/10/2011]. Fig 3: Kessler, G. C., 2004. WetStone Technologies’ Gargoyle. Available at: <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.90.8113&rep=rep1&typ e=pdf > [Accessed on 16/10/2011]. Fig 4: Niels Provos, 2004. Niels Provos’s stegdetect. Available at: <http://www.outguess.org/detection.php > [Accessed on 17/10/2011]. Carrier, B. (2002). Open Source Digital Forensics Tools. Citeseerx[Online paper]. Available at: : <http://www.digital- evidence.org/papers/opensrc_legal.pdf>[Accessed on 16/10/2011]. Daniel J.R and G. Shpantzer (2005). Legal Aspects of Digital Forensics. Available at: http://euro.ecom.cmu.edu/program/law/08-732/Evidence/RyanShpantzer.pdf> [Accessed on 17/10/2011]. Dr J. Haggerty(no date). Digital forensics. Available at: http://www.cse.salford.ac.uk/profiles/haggerty/forensics.php [Accessed on 16/10/2011]. Digital Forensics Magazine(2010). Ethics in Computer Forensics. Available at: <http://www.digitalforensicsmagazine.com/index.php?option=com_content&view=a rticle&id=540> [accessed on 17/10/2011].