forensics is simply the
application of computer investigation and
Computer forensics involves the
preservation, identification, extraction,
documentation, and interpretation of
computer media for root cause analysis.
Computer forensics is a branch of digital
Computer Forensics is
collection, and analysis
of evidence found on
the Florida Computer Crime Act was
the 1st law to help deal with computer fraud
Responding to computer crime in the 80’s
and 90’s law enforcement training programs
were started at SEARCH, FLETC and NW3C.
1984 FBI Computer Analysis and Response
1991 International Law Enforcement
meeting to discuss computer forensics & the
need for standardized approach.
Identification– Technical Analysis
Evaluation– What the Lawyers Do
forensic principles = success
Minimize data loss
Analyze all data collected
Report your findings
Computer Information System /Information
95% or world’s information is being
generated and stored in a digital form.
Only about one third of documentary
evidence is printed out.
Any data that can be stored and read by an
are used to analyze digital data
& prove or disprove criminal activity.
Used in 2 Phases of Computer
Acquisition – Images systems &
Analysis – Examines data & recovers
and evidence is used to solve
does the job of solving a crime
through analyzing data.
forensic science, it is easier to track
the history and trace events related to the
analysis Tools and Utilities.