Thursday, June 19, 2008

COMPUTER FORENSICS

Abstract

The increasing use of telecommunications, particularly the development of e-commerce, is steadily increasing the opportunities for crime in many guises, especially IT-related crime .Developments in information technology have begun to pose new challenges for policing. Most professions have had to adapt to the digital age, and the police profession must be particularly adaptive, because criminal exploitation of digital technologies necessitates new types of criminal investigation. More and more, information technology is becoming the instrument of criminal activity. Investigating these sophisticated crimes, and assembling the necessary evidence for presentation in a court of law, will become a significant police responsibility. The application of computer technology to the investigation of computer-based crime has given rise to the field of forensic computing. This paper provides an overview of the field of forensic computing.

1 comment:

Anonymous said...

Adding something more to it; using the correct tools to Data Recovery by computer experts is very important when it comes to computer forensics. The investigators should have good knowledge of software, latest techniques and methods to recover the deleted, encrypted or damaged files and prevent further damage in the process of recovery. In computer forensics two kinds of data are collected. Persistent data is stored on local disk drives or on other media and is protected when the computer is powered off or turned off. Volatile data is stored in random access memory and is lost when the computer is turned off or loses power. Volatile data is located in caches, random access memory (RAM) and registers. Computer expert or investigator should know trusted ways to capture volatile data. Security staff and network administrators should have knowledge about network and computer administration task effects on computer forensics process and the ability to recover data lost in a security incident.