How the field of digital forensics has grown over the years

Digital forensics has experienced rapid growth as more users go digital and make use of interconnected devices. Digital forensics is the new trend of uncovering multiple data that is crucial in criminal investigations through digital investigative techniques. In today’s digital forensics, investigators can recover deleted, encrypted in the folds of digital devices and use the evidence collected to testify in court. Digital forensics serves as a balance of convenience and new threats to privacy and security in the global virtual world. According to Patsakis et al. Using tools that are not vetted by the community may lead to unreliable, falsified, and increased junk science in the courtroom. (10 points). In your labs, you “hashed” files that you added as evidence. Explain the use of hashes in authenticating evidence.

Address how collisions might negatively impact a case. Timestamping is essential in keeping records of when information is being exchanged, created or deleted. Time in digital forensics is used in determining the time of contact with the digital evidence to establish its integrity. Timestamping the server and network log files is crucial in capturing and analyzing potential vulnerabilities in a network (Khan, 2016). Digital signaling helps in extracting data from physical or storage media for digital investigations. The method saves network event logs which provide clues about potential vulnerabilities. Users expressly waive any privacy rights in any file created, stored, sent or received on the computer over the network or any other computer network. (10 points). Discuss why a live analysis is preferred over a “dead” analysis and the issue of “volatility.

” In an investigation, what information would need to be captured first? A live analysis is most preferred because firstly the volatile data cannot be altered since analysis is conducted when the system for analysis is still running. Also, live forensics limits data gathered to relevant data which means only the relevant and crucial data can be analyzed. Sacramento used company funds to make illegal payments to him and other payments to fictitious distributors, for services that were never performed. In these two examples, it is evident that all the transactions are conducted electronically, and the, the evidence for fraud should be located in the devices used in producing the receipts generated for paying the fictitious distributors (Sharevski, 2015). An example of crime investigation Recently, the police received a letter on a floppy disk from a Kansas serial killer.

In investigating the case, the police realized that the original author of the letter was Eduardo. In this case, the evidence would be found in the floppy disk. Another problem relates to content whereby the systems are structured to encompass all of the files’ contents and their metadata. In acquiring network data, a challenge occurs where the forensic process is required to flow without disrupting the standard operating procedures of the organization. (10 points) Describe four different ways that a criminal can hide data (think anti-forensics, too). How would you find each of these in your investigation? Criminals can hide data through protocol bending and packet crafting. In protocol bending; the criminals embed data in TCP/IP packets in unexpected places of a digital device.

What steps can you take to recover the password or information? I would use data recovery tools to unencrypt data stored in the Random Access Memory of the PC. I would also obtain encryption passphrases that protect the private key (Zhang et al. The two steps will facilitate recovering encrypted data and passwords and decrypt them to restore the PC in its normal functioning. References Bennett, D. The Challenges Facing Computer Forensics Investigators in Obtaining Information from Mobile Devices for Use in Criminal Investigations. , Wahab, A. W. A. , Bagiwa, M. A. Crime Scene Investigation: A Guide for Law Enforcement Crime-SceneInvestigation NIST. CFTT: Digital Data Acquisition Tool Specification Patsakis, C. , Charemis, A. , Papageorgiou, A. , Mermigas, D. Rules of professional responsibility in digital forensics Zhang, X.