Table of Contents
Section 2: Describe digital evidence
Section 3: Explain the key principles of cyber forensics
Evidence integrity and reliability
Section 4: Discuss investigation processes
Section 5: Discuss and the importance of crime reconstruction hypotheses and alternative
Section 6: Conclusion
(Words count: 4,033)
Cyber forensics is becoming more and more common in crime investigation, this is expected, because of the relentless development of technology brings along with it crime related with electric devices. Right now, cyber forensics is reshaping many aspect of today's warfare, includes civil, criminal investigation, like in US military, actionable intelligence is rooted out by the digital forensics through military intelligence and evidence of Baghdad battlefield, as it has become a hub for evidence collection (Stephen Pearson, 2010). There is a quote from Arthur Conan Doyle:
"The world is full of obvious things which nobody by any chance ever observes" In cyber forensics, the world can be viewed as the crime scene and things in that world are digital evidences. In the case of digital evidence, it is not so obvious to observe because many times, digital evidence is deleted or hidden or damaged. There are 6 sections in this paper, section 1 is the introduction about cyber forensics and digital evidence, section 2 is about describing digital evidence, section 3 shows explanation about principles of cyber forensics, section 4 has discussions about preserving, locating, selecting, analyzing, validating and presenting evidence, section 5 will discuss about crime reconstruction hypotheses, alternative hypotheses and their importance, and finally, section 6 is the conclusion about all the information from section 2 to section 5. Section 2: Describe digital evidence
The Internet, computers and many other electronic devices have already became an inseparable part of human life. No matter where you are and what are you doing, the daily activities of an average person always involve with them and the all the interaction with them such as sending an e - mail, surfing the Web, etc... can create digital evidence (Larry E. Daniel and Lars E. Daniel, 2012). Digital evidence is defined as data stored or transmitted in a suspicious computer that used to support or refute of how an incident occurred, or show some elements about the incident such as the offender's intent or alibi (Eoghan Casey, 2011).
Today, the weight of digital evidence in legal cases is increasing as digital evidence may possess the needed information in determining a crime is committed or not, helping the investigators build the link between the crime and its victim, or its perpetrator (Harley Kozushko, 2003). However, people who are truly understand the processes and challenges in identifying, recovering, securing, examining, analysing and preparing digital evidence are few and far between. The reason is cyber forensics is a quite new area in investigating any civil or criminal cases, with the abundance number of tools and high level of skill in computing required, cyber forensics has a steep learning curve that makes even the young generation of investigator has a hard time to follow, let alone the old generation who is unfamiliar with the cyber environment. To make the matter worse, digital evidence can be easily manipulated, destroyed or concealed, many investigators will have a vexing experience in finding the truth. (Richard Boddington, 2011)
Digital evidence can be gathered from various areas in the computer, the followings are the common types of digital evidence: (Larry E. Daniel, Lars E. Daniel, 2012) 1. Hash value:
A digital version of thumbprint in which the file or hard...
Please join StudyMode to read the full document