Computer Forensics is a branch of forensic science that includes the identification, recovery, investigation, validation, and presentation of facts regarding digital evidence found on computers or similar digital storage media devices.
Computer Forensics is an electronic discovery technique used to determine and reveal technical criminal evidence. It often involves electronic data storage extraction for legal purposes.
Although still in its infancy, Computer Forensics is gaining traction as a viable way of interpreting evidence.
Computer Forensics cover a broad spectrum, from email scams to downloading copyrighted works for distribution, and are fueled by a desire to profit from another person’s intellectual property or private information. Computer Forensics can readily display a digital audit trail for analysis by experts or law enforcement. Developers often build program applications to combat and capture online criminals; these applications are the crux of Computer Forensics.
Computer Forensics techniques include: “Cross-driven analysis that correlates data from multiple hard drives, Live analysis, which obtains data acquisitions before a PC is shut down, Deleted file recovery”.
Each of the above techniques is applied to Computer Forensics investigations.
Computer Forensics Lab Components
Core Forensics Lab SW / HW.
Digital Forensics Case Management.
Password Recovery SW / HW.
Media Recovery SW / HW.