Nobody downloaded yet

Case Projects in Computer Forensics - Essay Example

Comments (0) Cite this document
Summary
Validation is the process of determining whether a technique or procedure used in arriving at a finding is reliable and effective. It entails the employment of a series of experiments…
Download full paperFile format: .doc, available for editing
GRAB THE BEST PAPER92.7% of users find it useful
Case Projects in Computer Forensics
Read TextPreview

Extract of sample "Case Projects in Computer Forensics"

Download file to see previous pages Despite the fact that the Daubert Standard is not directly connected to forensics examination, it sets a good guideline for acceptability of validation reports in courts of law (cited Brunty 1). In order to determine the validity of the findings in question, it is vital to determine from the police investigator the exact procedure he/she took as well as all the forensic tools he/she used in examining the computer data. In the Digital Evidence discipline, it is fundamental that the examination of procedures include a complete understanding of the methodology used so as to determine its specificity, limitations and margins of error. The validation of forensic tools is conducted to verify that they did not alter, add or delete any of the original data. (Barbara 4). Computer forensics involves, at least, the basic four processes of identification, preservation, analysis and presentation. Since identification and presentation depend on the skills of the investigator they cannot be subjected to the validation process of the computer laboratory. On the other hand, preservation and analysis are forensics-tool bases and thus, can be verified and validated. Preservation entails forensic copy, verification, write protection and media sanitation while analysis involves the processes of searching, file rendering, data recovery, decryption, file identification, processing, temporal data, and process automation (Guo et al 2009, pp. S-15-S16). Validation and verification of electronic evidence requires mathematical technique primarily to determine their error ratio. One way of doing this is to split a sample data into subsets, to be called model subsets, and compare them to the remaining subsets. Next, the file system should be examined remembering that file systems have two layers: abstract and; low level. When examination had focused on the abstract level, it is most likely that the low level evidence has been overlooked. To determine if this is the case, the file system image should be examined and layer 1 obtained. From layer 1, layer 2 should be inferred and this inferred layer should be compared to the actual layer 2 and the discrepancies noted. All other file systems are then examined similarly and the average error ratio obtained. To continue with the validation, a mathematical formula must be adopted for each file system that consists of a weighted summation of every layer. The following is an example of a formula of FAT12: Er = 0.05(L1) + 0.1(L2) + 0.05(L3) + 0.1(L4) + 0.2(L5) + 0.2(L6) + 0.3(L7) A FAT12 file system, a file system commonly used in most computers, has seven layers: boot sector values; FAT and data areas; FAT entries; clusters; formatted cluster content; linked list of clusters; all directory entries. Each of these layers must be examined for their respective abstract and lower-level, a forecast lower level layer developed with the help of the abstract and the predicted lower-level compared with the original lower-level layer and error ratio is stored. At the end, all stored layer ratios must be placed into a weighted formula similar as above and an average error ratio for the file system obtained. This examination would establish the extent of the discrepancies in the previous examination (Sremack 2003). Case Project 14-3 Several characteristics distinguish a technical/formal paper from other types. ...Download file to see next pagesRead More
Cite this document
  • APA
  • MLA
  • CHICAGO
(“Case Projects in Computer Forensics Essay Example | Topics and Well Written Essays - 750 words”, n.d.)
Retrieved from https://studentshare.org/environmental-studies/1422865-case-projects
(Case Projects in Computer Forensics Essay Example | Topics and Well Written Essays - 750 Words)
https://studentshare.org/environmental-studies/1422865-case-projects.
“Case Projects in Computer Forensics Essay Example | Topics and Well Written Essays - 750 Words”, n.d. https://studentshare.org/environmental-studies/1422865-case-projects.
  • Cited: 0 times
Comments (0)
Click to create a comment or rate a document

CHECK THESE SAMPLES OF Case Projects in Computer Forensics

Computer Forensics

...Erbacher, 2003). It is a relatively young forensic science when compared to the other forensics. The process has been highly misunderstood both in meaning and application. Computer forensics is commonly used to refer to the analysis and reporting of the information collected from the forensic analysis of digital-related media. It is a procedure which has been used for as long as computers have been in use. In recent years, cases of computer crimes have been on the rise. This has necessitated the adoption of computer forensics as a way of trying to nab criminals over the...
11 Pages(2750 words)Research Paper

Computer forensics laboratory

...is preferable, but there are instances when it is impossible to conduct it in such a manner as in cases when the system needs to be continuously powered on. During an offline analysis, copies of the hard drive are made to ensure that no data is lost and during a powered on forensics analysis, the investigator takes and collects as much evidence as he can take (Craiger 2006, p. 5). Since the goal of computer forensics is to gather and obtain evidence that may be presented in court against a suspect in a crime, it is important that the processes undertaken abide by the Federal rules of evidence that govern the admissibility of evidence. There are three steps with which...
3 Pages(750 words)Essay

Data Compression Algorithms.Use of Compression Algorithms in Forensics

...of the main storage means for e-mail in the organizations. Therefore, it is necessary to investigate the PST files to get any evidence. In this regard, the PST Viewer is one of the software for viewing and examining the contents of the MS Outlook. It is pertinent to consider a case of forensic analysis where some important e-mails have been received by one of the officer of an organization. The e-mails and contents are very significant for the organization for the upcoming projects. The available computer system at the time has not MS Outlook installed; moreover, the employee has left the organization, therefore, the investigating employees even does not know the...
4 Pages(1000 words)Essay

Computer Forensics

...?Part Computer forensics has always interested me and though I have considered myself close to being an expert in computer science, I must admit I have had to concede that I have learned that one can do many illicit things with a computer; situations that I did not know existed. Yet on the same token the forensic investigators, “the good guys”, can counter these illegal operations with many sophisticated tricks of their own. Sometimes it is not as instantaneous or glamorous as the fancy gadgets they show on CSI NY but they have many tools available to recreate crimes that can eventually hold up in court. But the TV shows have it right in at least one...
4 Pages(1000 words)Essay

Computer Forensics

.... Therefore, this technique is really effective. The researchers expect that those that will be developed for more complex scenarios will have the same effectiveness as in the simple case (Teelink, S., & Erbacher, R., 2006a). They have repeated their findings in a similar study conducted at West Point. The use of filtered tree-maps in computer forensics as proposed here is novel and offers many advantages over traditional tree-maps. Additionally, the use of square blocks in the manner proposed has not been examined. This system not only uses visualization to represent a file system, but also is specifically designed around the forensic process. The goal of this...
9 Pages(2250 words)Essay

Computer Forensics

...of various chemicals. It was in the 19th century when scientists and chemical experts gained insights about the use of chemicals and in the next century, the world witnessed cases concerned with deaths caused by intoxication more than in the previous recorded history. “Mary Ann cotton, Belle Sorrenson, Gunness Nannie Doss, Doctor Thomas Neill Cream, John Otto Hoch, Graham Frederick Young and Donald Harvey” (Hayes, 2001) are most of the most famous criminals who took unjust advantage of their knowledge of toxicants by killing people (Bell, 2008). Before the legal experts could catch their crime, they had killed many of their targets. This asked the investigators to understand the dynamics of toxicology and apply it to the...
5 Pages(1250 words)Research Paper

Computer Forensics

...existing in the computer forensics professions. Characteristics of computer forensics “From a technical standpoint, the main goal of computer forensics is to identify, collect, preserve, and analyze data in a way that preserves the integrity of the evidence collected so it can be used effectively in a legal case” (US-CERT, 2008,p.2). It is difficult to prove the cyber crimes in court because of the difficulties in submitting evidences. The intruders can escape easily from punishments because of lack of evidences collected normally from a computer crime location. Since all the intrusion and hacking...
5 Pages(1250 words)Essay

Computer forensics

...COMPUTER FORENSICS Table of Contents Introduction Computer forensics can be defined in many ways. Though, normally, computer forensics is recognized as a method utilized for the analytical analysis and investigative methods to identify, gather, inspect and preserve information and evidence which is magnetically encoded or stored. Typically computer forensics is used to offer digital evidence of a broad and specific activity in any area of life. Additionally, a forensic analysis is performed for a wide variety of reasons. In the majority of cases, computer forensics is used for the high profile civil litigation or criminal investigation, however digital forensic methods can be of value in a broad range of circumstances, comprising... ,...
3 Pages(750 words)Essay

Computer Forensics - Case Portfolio

...Computer Forensics - Case Portfolio 0 Case Summary The case is based on a criminal incident against child pornography. One of the employee in Widget Corporation namely Mr. Didit has been alleged for developing child pornography during the office premises. As a result, forensic investigation agency has been summoned in order to collect and examine digital evidences from the crime scene. Throughout the investigation process the legality and fairness has been maintained by engaging in best practices for evidence treatment. Various evidences have been gathered from the crime scene in order to judge that the employee is guilty of such a...
10 Pages(2500 words)Case Study

Computer Forensics

...to the investigating officer a course of action as to what digital evidence may or may not be needed to investigate this crime. a. Provide a list of potential digital evidence that the investigator is going to want to seize for possible forensic examination. Be thorough, as the lead investigator in this case is not computer savvy. The following would be the required digital evidence:- Digital photo of the scene of crime – the photo should cover the areas from which the abduction occurred. If should clearly cover the area, for ease of identification of the area during crime analysis and investigation. In case the abductors or the victim left any belonging behind at the...
2 Pages(500 words)Coursework
sponsored ads
We use cookies to create the best experience for you. Keep on browsing if you are OK with that, or find out how to manage cookies.

Let us find you another Essay on topic Case Projects in Computer Forensics for FREE!

Contact Us