Digital Forensics Technology Why Open essay

Predictive routing algorithms that seek to anticipate security breaches are developing rapidly and are also becoming more commonplace (Erickson, 2009). Evidence acquisition through digital forensics also seeks to define how all patterns of potential crime are preserved, regardless of their point of origin (Irons, 2006). The collaboration that occurs in the open source forensic software industry acts as a catalyst of creativity specifically on this point. Online communities seek to define more efficient approaches to this area of evidence acquisition by collaborating on development efforts. Over the long term, their results are changing the use of forensic software, from both an open source and a proprietary standpoint.

The authentication phase of gathering digital evidence centers on the integrity of the data captured and stored. This phase relies heavily on the evidential integrity and authenticity of records (Barret, 2004), in addition to compliance with ISO 15489-1 (2001), a records management standard that has been proven admissible in courts for the preservation of digital evidence. This standard is considered integral to the evidential integrity of digital evidence (Irons, 2006). As part of this standard, the authenticity of records is verified by the sender and receiver, the time the records were created, sent and read, and the validity of their intended purpose. All of these factors are taken into account in defining the veracity of claims regarding their use for legal vs. illegal purposes (Abel, 2009). Because forensic software is based on a series of rules and, in some cases, constraints, the rules-driven approach is also used to define evidential integrity, and a relative score is provided for each series of authorized vs. unauthorized actions. This in effect creates a benchmark of threat levels by activity, which can over time be used to predict which sequences of activities will lead to an illegal activity (Irons, 2006). In this way the acquisition of digital evidence is supported by the advanced intelligence that the rules engine in forensic software provides. Just as with the acquisition of evidence, the authentication phase is also benefiting from the collaborative efforts of developers in the open source development community. How to ensure compliance with the ISO standard is an area of continual collective effort on the part of developers in the digital forensics development community.

The analysis of digital evidence is the most rapidly advancing of all the areas of open source forensic software. The continual refinement of rules, the hybrid approach to the use of constraints (O'Connor, 2005) and the development of auditability of cybertrails (Irons, 2006) all contribute to this area experiencing the greatest technological gains in the last five years. Analysis of digital evidence now also includes advanced pattern matching and linguistic analysis to determine whether there are data and access patterns not discernible through more common techniques of statistical analysis. Cluster and discriminant analysis are also used to find emerging patterns in data over time (Abel, 2009). These advanced forms of analysis are critically important for overcoming threats that have grown exponentially in sophistication and strength (Abel, 2009). Analysis of digital evidence also has ethical boundaries, since analysts need legal access to accounts in order to analyze them (Abel, 2009). The ethics of monitoring systems for security, when exposed to the general public, have however been upheld in court (Volonino, 2003).


The use of open source forensic software will continue to grow rapidly as the business factors behind it, including a lower TCO and the continual improvement of the software through collaborative development communities, continue as well. There is also a need for digital forensics to be open sourced to enable a greater level of creativity and innovation in response to the rapid rise in threat sophistication and strength (Abel, 2009). Open source forensic software, like enterprise-wide open source software, has gone through a transformation from being initially seen as lacking in security, reliability and support. Like its enterprise software counterpart, however, it has emerged from these perceived shortcomings to become an essential part of broader enterprise digital forensic analysis and evidence platforms in organizations both private and public (Barbin, Patzakis, 2002).


Abel, W. (2009). Agents, Trojans and tags: The next generation of investigators. International Review of Law, Computers & Technology, 23(1/2), 99.

Barbin, D., Patzakis, J. (2002), "Computer forensics emerges as an integral component of an enterprise information assurance program," Information Systems Control Journal, Vol. 3 pp.25-7.

Barret, N. (2004), "Computer forensics an introduction," Records Management Society Bulletin, No.121, pp.9-10.

Bates, J. (1997), "Fundamentals of computer forensics," International Journal of Forensic Computing, December, 2005.

Berghel, H. (2003), "The discipline of internet forensics," Communications of the ACM, Vol. 46 No.8, pp.15-20.

Erickson, J. (2009, June). App Dev That Delivers. InformationWeek, (1233), 35-39.

Forte, D. (2008). Dealing with forensic software vulnerabilities: is anti-forensics a real danger? Network Security, 2008(12), 18-20.

Irons, A. (2006). Computer forensics and records management - compatible disciplines. Records Management Journal, 16(2), 102-112.

ISO 15489-1 (2001), Information and Documentation -- Records Management. Part 1: General, International Standards Organisation, Geneva.

Muller-Seitz, G., & Roger, G. (2009). Is open source software living up to its promises? Insights for open innovation management from two open source software-inspired projects. R & D Management, 39(4), 372.
