Verified Document

Digital Forensics Technology: Why Open Thesis

The rapid development of predictive routing algorithms that seek to anticipate security breaches are also becoming more commonplace (Erickson, 2009). Evidence acquisition through digital forensics seeks to also define preservation of all patterns of potential crime, regardless of the origination point (Irons, 2006). The collaboration that occurs in the open source forensic software industry acts as a catalyst of creativity specifically on this point. There are online communities that seek to define more efficient approaches to this area of evidence acquisition through collaboration of development efforts. Their results over the long-term are changing the use of forensic software, both from an open source and proprietary standpoint. The authentication phase of gathering digital evidence centers on the integrity of the data captured and stored. This specific phase relies heavily on evidential integrity and authenticity of records (Barret, 2004) in addition to compliance to ISO 15489:1 (2001) a records management standard that has been proven admissible in courts for the preservation of digital evident. This standard is considered integral to evidential integrity of digital evidence (Irons, 2006). As part of this standard, authenticity of records are verified by the sender and received, the time they were created, send and read and the validity of what their intended purpose is. All of these factors are taken into account in defining the veracity of claims regarding their use for legal vs. illegal purposes (Abel, 2009). As forensic software is based on a series of rules and in some cases constraints, the rules-driven approach to defining evidential integrity is also used and a relative score is provided for each series of authorized vs. unauthorized actions. This in effect creates a benchmarking of threat levels by activity and can over time be used for predicting which potential sequence of activities will lead to an illegal activity or not (Irons, 2006). In this way the acquisition of digital evidence is supported through the advanced intelligence that the rules engine in forensic software provides. Just as with the acquisition of evidence this phase of authentication is also benefiting from the collaborative efforts of developers in the open source development community. The concentration of how to ensure compliance to the ISO standard is an area of continual collective effort on the part of developers in the digital forensics development community.

The analysis of digital evidence is the most rapidly advancing of all in the areas of open source forensic software. Due to the continual refinement of rules, the hybrid approach to the use of constraints (O'Connor, 2005) and the development of auditability of cybertrails (Irons, 2006) all contribute to this area experiencing the greatest technological gains in the last five years. Analysis of digital evidence is also including advanced pattern matching and linguistic analysis to determine if there are data and access patterns not discernable through more common techniques of statistical analysis. There is also the use of cluster and discriminant analysis to find...

These advanced forms of analysis are critically important for overcoming the threats that have grown exponentially in terms of sophistication and strength (Abel, 2009). Analysis of digital evidence is also an area that has ethical boundaries as well, with the need to have legal access to accounts to analyze them (Abel, 2009). The ethicacy of monitoring systems for security however, when exposed to the general public has been upheld in court however (Volonino, 2003).
Conclusion

The use of open source forensic software will continue to grow rapidly as the business factors including a lower TCO and the continual improvement of the software through collaborative development communities continue as well. There is also the need for having digital forensics open sourced to enable a greater level of creativity and innovation in response to the rapid rise in threat sophistication and strength (Abel, 2009). Open source forensic software, like enterprise-wide open sours software, has gone through a transformation from being initially seen as lacking in security, reliability and support. Like its enterprise software counterpart however, it has emerged from these perceived shortcomings to become an essential part of broader enterprise digital forensic analysis and evidence platforms in organizations both private and public (Barbin, Patzakis, 2002).

References

Abel, W. (2009). Agents, Trojans and tags: The next generation of investigators. International Review of Law, Computers & Technology,23(1/2), 99.

Barbin, D., Patzakis, J. (2002), "Computer forensics emerges as an integral component of an enterprise information assurance program," Information Systems Control Journal, Vol. 3 pp.25-7.

Barret, N. (2004), "Computer forensics an introduction," Records Management Society Bulletin, No.121, pp.9-10.

Bates, J. (1997), "Fundamentals of computer forensics," International Journal of Forensic Computing, December, 2005.

Berghel, H. (2003), "The discipline of internet forensics," Communications of the ACM, Vol. 46 No.8, pp.15-20.

Erickson, J.(2009, June). App Dev That Delivers. InformationWeek,(1233), 35-39.

Forte, D. (2008). Dealing with forensic software vulnerabilities: is anti-forensics a real danger? Network Security, 2008(12), 18-20.

Alastair Irons. (2006). Computer forensics and records management - compatible disciplines. Records Management Journal, 16(2), 102-112.

ISO 15489-1 (2001), Information and Documentation -- Records Management. Part 1: General, International Standards Organisation, Geneva.

Muller-Seitz, G., & Roger, G. (2009). Is open source software living up to its promises? Insights for open innovation management from two open source software-inspired projects. R & D. Management, 39(4), 372.

Rogers, M.K. (2003), "Computer forensics: science or fad," Security Wire Digest, Vol. 5 No.65.

Rory V O'Connor. (2005). Software selection: towards an understanding of forensic software tool…

Sources used in this document:
References

Abel, W. (2009). Agents, Trojans and tags: The next generation of investigators. International Review of Law, Computers & Technology,23(1/2), 99.

Barbin, D., Patzakis, J. (2002), "Computer forensics emerges as an integral component of an enterprise information assurance program," Information Systems Control Journal, Vol. 3 pp.25-7.

Barret, N. (2004), "Computer forensics an introduction," Records Management Society Bulletin, No.121, pp.9-10.

Bates, J. (1997), "Fundamentals of computer forensics," International Journal of Forensic Computing, December, 2005.
Cite this Document:
Copy Bibliography Citation

Related Documents

Forensics Digital Evidence/Forensics and the
Words: 3398 Length: 12 Document Type: Research Paper

This phase is described by Carrier as the phase where we "...use the evidence that we found and determine what events occurred in the system" (Carrier, 2005). 2.2. The United States Department of Justice's (USDOJ) digital forensic analysis methodology The second methodology under review in this paper has been put forward by the United States Department of Justice. This consists of four basic phases: collection, examination, analysis and reporting (Shin, 2011).

Cyber Forensic Or Digital Forensic Report
Words: 2149 Length: 8 Document Type: Essay

Essay Topic Examples 1. Emerging Trends in Cyber Forensics: Challenges and Solutions:      This essay could explore the latest advances in cyber forensic technology and methodologies. It can delve into the challenges that come with new forms of cybercrime and how professionals are developing innovative solutions to stay ahead in the digital arms race. Specifically, it could address the shift towards cloud forensics, mobile device analysis, and the implications of the

Search Warrant and Database
Words: 862 Length: 10 Document Type: Research Paper

Digital Forensics and Cyber Crime Investigation HCC Partner is the top healthcare company in the United States, and the management has noticed an intrusion in the systems based on the alerts from their IDS (Intrusion Detection System) logs that causes the management to question the reliability of the system. Analysis of their systems reveals that HCC uses the Snort IDS that is running in Linux system. Moreover, the HCC database administrator

Computer Forensics for Preventing Email
Words: 4655 Length: 17 Document Type: Capstone Project

i.e. modifying the domain name system. 7. DNS-Based Phishing ("Pharming"): This offense is based on interference in the domain name searching process by modifying the domain name resolution sending the user to a different IP address. 8. Content-Injection Phishing: The phisher introduces fraudulent content into a legitimate website. 9. Data Theft: Malicious code that collects sensitive information stored within the machines in which it is installed. 10. Man-in-the-Middle Phishing: The phisher takes a

Computer Forensics: Donning Your Detective
Words: 403 Length: 1 Document Type: Term Paper

Specialized forensic tools will be necessary to retrieve and analyze deleted, renamed and encrypted data that search tools will overlook. Further, forensic tools will help with complex information correlation. For example, to construct a timeline of events it may be necessary to tie network log stamps and data together with database access and usage logs. Reporting is the final phase of forensic investigation. Here, the article is weak, only recommending

America Isn't Ready for Real Digital Protection of Its Infrastructure...
Words: 1401 Length: 4 Document Type: Essay

Combating Digital Crime & Digital Terrorism "Describe the overall impact (e.g. economic, social, etc.) of utilizing technologies in combating digital crime and digital terrorism" It has become very obvious over the past few years that the United States' technologies that are supposed to combat cyber attacks on corporate, personal, and government computers are enormously ineffective. Some would say that is an understatement. This paper discusses ways to combat cyber crime and cyber

Sign Up for Unlimited Study Help

Our semester plans gives you unlimited, unrestricted access to our entire library of resources —writing tools, guides, example essays, tutorials, class notes, and more.

Get Started Now