Computer forensics or Cyber forensic is the use of proven scientific methods and techniques, in order to identify, preserve, validate, analyze, interpret, document and present digital evidence obtained from digital information sources, with the purpose of facilitating reconstructing the facts in a legal investigation, or helping to anticipate or prevent actions against the law.
Although a crime is not computerized, there is digital evidence, and since all the activities carried out with a device (manually or automatically) leave evidence, it may be analyzed together with the rest of the evidence of A case.
What are the objectives of these cyber forensics
In case a security breach has occurred, these are the main and most important goals of using forensic computing:
▸It helps to quickly identify the evidence and also allows estimating the potential impact of malicious activity on the victim who received the computer attack.
▸It helps to recover, analyze and preserve the computer and related materials in a way that helps the investigating agency present them as evidence in a court of law.
▸Design procedures at a suspected crime scene that help ensure that the digital evidence obtained is not corrupted.
▸Data Acquisition and Duplication: Recovery of deleted files and deleted partitions from digital media to extract evidence and validate them.
▸Produce a computer report that provides a comprehensive report on the investigation process.
It could be said that these are the police officers of the network and those who are dedicated to bringing justice but… these as well exist are still their worst enemies dedicated to anti-forensic computing
These are the natural enemy of computer forensics and can be their worst nightmare as these programmers design anti-forensic tools to make it difficult or impossible to retrieve information during an investigation. Essentially, anti-forensic computing refers to any technique, device, or software designed to obstruct a computer investigation.
Each of these have their tools to both analyze the evidence and hide it and it is an endless battle that takes place.
See also:
Changes in laws and legislation due to Cybersecurity
