-
Notifications
You must be signed in to change notification settings - Fork 89
About the domain
Digital forensics is a type of forensic related to computer crimes which investigation of material found in all the devices capable of storing digital data.
Cyber crimes are offenses that are committed against individuals or groups of individuals to harm directly or indirectly, using modern telecommunication networks such as Internet (Chat rooms, emails, notice boards and groups) and mobile phones.
Evidences are anything which provide direct proof of an assertion or mostly consistent with an assertion.
The process of searching inquiry for ascertaining facts, detailed or careful examination.
Cloud computing is computing that involves a large number of computers connected through a communication network with the ability to run a program or application on many connected computers at the same time.
Private cloud is cloud infrastructure operated solely for a single organization,whether managed internally or by a third-party and hosted internally or externally.
Used within the fields to refer to the physical medium (such as a hard drive) or data storage device.
Disk image is a file which containing the contents and structure of a disk volume or an entire data storage device, such as a hard drive, tape drive, floppy disk, optical disk or USB flash drive.
Separating the data into individual pieces, and giving each piece a name, the information is easily separated and identified. each piece of data is called a "file" The structure and logic rules used to manage the groups of information and their names is called a "file system".
Metadata are the data providing information about one or more aspects of the data, such as means of creation of the data, purpose of the data, time and date of creation, creator or author of the data and ect.
Exchangeable image file data, A type of data that specifies the formats for images, sounds and and ancillary tags used by digital cameras , scanners and other systems handling image and sound files recorded by digital cameras.
a digital forensic investigation is a process that uses science and technology to examine digital objects and that develops and tests theories, which can be entered into a court of law, to answer questions about events that occurred. Digital forensic investigations (DFIs) are commonly employed as a post-event response to a serious information security or criminal incident. They typically consider the case when the PC of a suspect has been seized. The hard-drive is imaged and an investigation proceeds to search for traces of evidence. The examination is conducted in a systematic, formalized and legal manner to ensure the admissibility of the evidence. The process of a digital forensic investigation is subject to considerable scrutiny of both the integrity of the evidence and the integrity of the investigation process.
Process currently performed
- Collection -Data related to a specific event is identified, labeled, recorded, and collected, and its integrity is preserved.
- Examination -Forensic tools and techniques appropriate to the types of data that were collected are executed to identify and extract the relevant information from the collected data while protecting its integrity.Examination may use a combination of automated tools and manual processes.
- Analysis-Involves analyzing the results of the examination to derive useful information that addresses the questions that were the impetus for performing the collection and examination.
- Reporting -May include describing the actions performed, determining what other actions need to be performed, and recommending improvements to policies, guidelines, procedures, tools, and other aspects of the forensic process.