Thursday, January 4, 2024

Digital Forensics:What is digital forensics ?

Digital Forensics:What is Digital Forensics ?


Digital Forensics:What is digital forensics ?


Digital forensics, also known as computer forensics or cyber forensics, is the branch of forensic science that deals with the investigation, recovery, analysis, and presentation of digital evidence from electronic devices and digital media. It involves applying scientific and investigative techniques to collect, preserve, and analyze data stored on computers, smartphones, tablets, servers, and other digital devices.

The primary goals of digital forensics include:

  1. Investigating Cybercrimes: Digital forensics is used to investigate various cybercrimes such as hacking, data breaches, malware attacks, online fraud, intellectual property theft, and cyber espionage.

  2. Gathering Evidence: Digital forensics experts collect and preserve digital evidence in a forensically sound manner to ensure its integrity and admissibility in legal proceedings.

  3. Reconstructing Events: By analyzing digital artifacts, logs, metadata, and other digital traces, investigators reconstruct events, timelines, and activities related to a cyber incident or crime.

  4. Identifying Culprits: Digital forensics can help identify perpetrators, determine their methods and motives, and attribute cyber attacks or criminal activities to specific individuals or groups.

  5. Supporting Legal Proceedings: Digital evidence collected through forensic analysis is often used in legal proceedings, including criminal investigations, civil litigation, regulatory compliance, and internal corporate investigations.

Digital forensics involves a range of techniques and tools, including disk imaging, file analysis, network forensics, memory analysis, malware analysis, and mobile device forensics. Forensic experts must adhere to strict protocols and guidelines to ensure the integrity and admissibility of the evidence collected. Additionally, they often collaborate with law enforcement agencies, legal professionals, cybersecurity specialists, and other stakeholders throughout the investigation process.


Digital forensicsIn its strictest connotation, the application of computer science and investigative procedures involving the examination of digital evidence - following proper search authority, chain of custody, validation with mathematics, use of validated tools, repeatability, reporting, and possibly expert testimony.( csrc.nist.gov : CNSSI 4009-2015 from DoDD 5505.13E )


What is digital forensics ?
Photo Credit: NIST

Digital forensics is a branch of forensic science that focuses on identifying, acquiring, processing, analysing, and reporting on data stored electronically.

Electronic evidence is a component of almost all criminal activities and digital forensics support is crucial for law enforcement investigations.( Interpol)

Digital Forensics:What is digital forensics ?
Photo Credit: Interpol

Digital forensic science is a branch of forensic science that focuses on the recovery and investigation of material found in digital devices related to cybercrime. The term digital forensics was first used as a synonym for computer forensics. Since then, it has expanded to cover the investigation of any devices that can store digital data. (eccouncil March 6, 2024,What is digital forensics)

Digital Forensics:What is digital forensics ?
Photo Credit: eccouncil

Digital forensics is a branch of forensic science encompassing the recovery and investigation of material found in digital devices. It can occur in multiple locations (on the scene, in the field, at a special-purpose location, or in the lab).(Cellebrite Digital Intelligence Glossary)

Digital Forensics:What is digital forensics ?
Photo Credit: Cellebrite

Digital Forensics is a branch of forensic science which includes the identification, collection, analysis and reporting any valuable digital information in the digital devices related to the computer crimes, as a part of the investigation. In simple words, Digital Forensics is the process of identifying, preserving, analyzing and presenting digital evidences. (geeksforgeeks:Digital Forensics in Information Security,16 Jun, 2022)
Digital Forensics:What is digital forensics ?
Photo Credit: geeksforgeeks

Digital forensics is the process through which skilled investigators identify, preserve, analyze, document, and present material found on digital or electronic devices, such as computers and smartphones. (A Working Definition of Digital Forensics:exterro)
Digital Forensics:What is digital forensics ?
Photo Credit: exterro

Digital Forensics: A subset of forensic science that examines system data, user activity, and other pieces of digital evidence to determine if an attack is in progress and who may be behind the activity.(crowdstrike:What is Digital Forensics and Incident Response (DFIR)?)

Digital Forensics:What is digital forensics ?
Photo Credit: crowdstrike

Digital forensics is defined as the “process of identifying, preserving, analyzing and presenting digital evidence in a manner that is legally acceptable in any legal proceedings (i.e., a court of law).(ISACA HQ,Overview of Digital Forensics,Jun 13, 2017)
Digital Forensics:What is digital forensics ?
Photo Credit: ISACA

Digital forensics is a new and rapidly evolving field of forensic study. Its techniques can be used in civil, administrative, and criminal proceedings in order to collect, validate, identify, analyze, interpret, document and present digital evidence. Digital evidence is information derived from devices in a way that allows it to be used in a legal proceeding.(July 6, 2019 by
Infosec)
Digital Forensics:What is digital forensics ?
Photo Credit: Infosec

Digital forensics is a field of forensic science. It is used to investigate cybercrimes but can also help with criminal and civil investigations. For instance, cybersecurity teams may use digital forensics to identify the cybercriminals behind a malware attack, while law enforcement agencies may use it to analyze data from the devices of a murder suspect.(IBM: 16 February 2024,Annie Badman, Amber Forrest)
Digital Forensics:What is digital forensics ?
Photo Credit: IBM

Digital forensics: Collects, processes, preserves, analyzes, and presents computer-related evidence in support of network vulnerability mitigation and/or criminal, fraud, counterintelligence, or law enforcement investigations.(NICCS)

Digital Forensics:What is digital forensics ?
Photo Credit: NICCS

The primary goal of Digital Forensics is to carry out an organized and structured investigation in order to preserve, identify, extract, document and interpret digital information that is then utilized to prevent, detect and solve cyber incidents.( )

Digital Forensics:What is digital forensics ?
Photo Credit: 


หมายเหตุ:เนื้อหาในเว็บไซต์นี้มีขึ้นเพื่อวัตถุประสงค์ในการให้ข้อมูลและเพื่อการศึกษาเท่านั้น

* หากมีข้อมูลข้อผิดพลาดประการใด ขออภัยมา ณ ที่นี้ด้วย  รบกวนแจ้ง Admin เพื่อแก้ไขต่อไป
ขอบคุณครับ

#WindowsForensic #ComputerForensics #dfir #forensics #digitalforensics #computerforensic #investigation #cybercrime #fraud

No comments:

Post a Comment

เจาะลึก 14 Certifications ด้าน Cybersecurity

เจาะลึก 14 Certifications ด้าน Cybersecurity เจาะลึก 14 Certifications ด้าน Cybersecurity ที่น่าสนใจ! แชร์มุมมองส่วนตัวเกี่ยวกับ certificati...