What is Digital Forensics?

Digital Forensics is the preservation, identification, extraction, interpretation and documentation of computer evidence that can be used in a court of law.

Branches of Digital Forensics:

Digital Forensics helps to protect from and solve cases involving:
Some Challenges faced by Digital Forensics
So, can say that Digital Forensics
Why do we use Digital Forensics?

Chain of Custody

“Chain of Custody” is a fancy way of saying “The ability to demonstrate who has had access to the digital information being used as evidence”.

5. Steps in performing Digital Forensics

*Preparation (of the investigator, not the data)
*Collection (the data)
Digital Evidence can be collected from many obvious sources such as:
*Examination
*Analysis
*Reporting

Types of Computer Forensic Tools

Here are the main types of digital forensic tools:

Some Digital Forensics Tools:

1. Disk analysis: Autopsy/The Sleuth Kit
2. Image creation: FTK Imager
3. Memory forensics: Volatility
4. Windows Registry analysis: Registry Recon
5. Mobile forensics: Cellebrite UFED
6. Network analysis: Wireshark
7. Linux distributions: CAINE
8. ProDiscover Forensic
9. PALADIN
10. EnCase
11. Registry Recon

So, there are lots of tools like these.

Which are the Best Digital Forensic Software Tools?

Below are some of the best digital forensic software tools:

Disk Forensics: It deals with extracting data from storage media by searching active, modified, or deleted files.

Network Forensics: It is a sub-branch of digital forensics. It is related to the monitoring and analysis of computer network traffic to collect important information and legal evidence.

Wireless Forensics: It is a division of network forensics. The main aim of wireless forensics is to offer the tools needed to collect and analyze the data from wireless network traffic.

Database Forensics: It is a branch of digital forensics relating to the study and examination of databases and their related metadata.

Malware Forensics: This branch deals with the identification of malicious code and the study of its payload, viruses, worms, etc.

Email Forensics: Deals with recovery and analysis of emails, including deleted emails, calendars, and contacts.

Memory Forensics: It deals with collecting data from system memory (system registers, cache, RAM) in raw form and then carving the data from the raw dump.

Mobile Phone Forensics: It mainly deals with the examination and analysis of mobile devices. It helps to retrieve phone and SIM contacts, call logs, incoming and outgoing SMS/MMS, audio, videos, etc.

Example Uses of Digital Forensics

In recent times, commercial organizations have used digital forensics in the following types of cases:

Advantages of Digital Forensics

Here are the pros/benefits of Digital Forensics:

Here are the major cons/drawbacks of using Digital Forensics:

To Your Success,
~Meetcipher