This document discusses computer forensic software. It begins by defining forensic science and its application in criminal investigations and law. Computer forensics is described as applying investigative techniques to gather and analyze digital evidence from computing devices in a way that can be presented in a court of law. The benefits of computer forensics for various groups are outlined. The typical steps in a computer forensic investigation including acquisition, analysis, and reporting are explained. Popular forensic software like Encase and Access Data are introduced, noting their features for versatility, flexibility, robustness, and ability to handle different file types and operating systems.

1. Computer Forensic
Software
By
CA. Dhruv Seth
ds@sethspro.com

2. Index – Computer Forensic Software
• What is forensic and its types?
• What is Computer forensics
• Benefits of Computer forensics
• Steps in conducting computer forensics
• Evaluation of forensic software
• Popular forensic software

3. What is forensic ?
• Derived from Latin word “forēnsis”
• Application of scientific techniques of
• Gathering and
• Examination of information
• Which can be used in court of law
• Dates back to 44 B.C. for first such case

4. Major forensic fields
• Criminalistics
• Computer
• Odontology
• Toxicology
• Psychiatry & Behavioural Science
• Pathology/Biology

5. What is Computer Forensic ?
• Application of
• Investigation and Analysis techniques to
• Gather and preserve
• Evidence from a computing device so as
• Effectively produce as a admissible evidence
• In court of law

6. What is Computer Forensic ?
• Goal of a computer forensic is to
• Perform a structured investigation
• Maintain documented chain of evidence
• To determine what happened through the device
• To determine who was responsible for the same

7. Benefits of Computer Forensic ?
• Prosecutors – Evidence in incriminating
documents
• Civil Litigators – Personal records
• Insurance Companies – Evidence to substantiate
actual fraud
• Corporations – Evidence relating to
misappropriations or embezzlements
• Law Enforcement – Post search handling of
computing devices

8. Steps in Computer Forensic
• Acquisition
• Making an Image
• Verifying the integrity of Image
• Extraction
• Data viewing
• Key word based search
• Password protected then dictionary attack or brute force

9. Steps in Computer Forensic
• Reconstruction
• Re create the crime scene with computer image
• Run software to analyze the image
• Reporting
• Create an effective report
• Crisp with hard evidences
• Log anaylsis

10. Steps in Computer Forensic

11. Types of forensic techniques
• Hardware forensic tools
• Range from single-purpose components to complete
computer systems and servers. Advantage of hardware
forensic tools is that embedded development is done which
saves the space and time. The products will be portable and
speedy acquisition of digital data’s can be done.
• Software forensic tools
• Commonly used to copy data from a suspect’s disk drive to
an image file.

12. Evaluating Software
• Versatility
• Work in any condition
• Able to accommodate any various type of inputs
• Flexibility
• Should not be stringent with its capabilities
• Able to adapt to different users and their different needs

13. Evaluating Software
• Robustness
• Ability to cope with any errors
• Algorithm to operate despite abnormalities in Inputs.
• Software should be independent of
• Operating & File System
• Script capabilities
• Automated features
• Vendors reputation should be impeccable

14. Popular analytical software
• Encase Forensic
• Fully automated program touted as highly user friendly
• Includes mechanized imaging and verification
• Provides tree like registry
• Provides for Internet and Email searching
• Vendor provides regular updates on regular court decisions
• Preserves high integrity
• Tablet and smartphone data acquisition possible
• Automatic and customizable reports
• Costly with upgrades also expensive

15. Popular analytical software
• Access Data
• Simple Data extraction
• Wizard driven interface
• Various data extraction options which maintain integrity
• Broad support for Mobile and various OS
• Court cited solutions
• Database driven for speed and resilience
• Integrated feature set
• Rich reporting

16. Thank You
By
CA. Dhruv Seth
ds@sethspro.com