Sign Up Now
Get instant access to over 1 million+ study documents
OR
Already registered? click here to login
By creating your account, you agree to our terms of service, privacy policy and student honor code.
Computer Forensic Tools:
The use of computers in homes, schools, offices, and other places has increased in the past few years due to technological developments. As computers have become important components of modern communication, their increased use has also led to the emergence of computer crimes. Computer crimes basically involve the use of a computer system to carry out an illegal activity. In attempts to lessen the frequency and impact of computer crimes, law enforcement agencies use computer forensic to investigate these offenses. Actually, computer crimes are governed by specific laws and dealt with through conducting a computer forensic investigation (Easttom & Taylor, 2011, p.337). Notably, a computer forensic investigation is usually carried out through the use of computer forensic tools, which help in collection of evidence based on the specific offense.
Programs for Recovering Deleted Files:
There are various programs that can be used for recovering deleted files such as UndeletePlus, Disk Digger, and EnCase Forensics, which are associated with different success rates and particular functions. UndeletePlus is a program that is available for $29.95 and is very easy to use since it involves selecting a drive and clicking the Scan button. The program will then list any or all deleted files it finds or discover in the recovery process (Easttom & Taylor, 2011, p.287). On the contrary, DiskDigger is a freeware, which has a wizard interface that takes the user through the process. This involves...
EnCase Forensics the leader in digital forensics and available for $2,995 since it incorporates various features such as searching across various machines at the same time, automatic tasks, processing huge files at faster speeds, developing templates based on care profiles, and conducting more powerful queries.
These programs not only differ in costs and specific features, they also vary in the type of file systems supported. Since it works under nearly all Windows operating systems, UndeletePlus supports all Windows file systems for hard disk and removable disk drives such as FAT12/16/32, NTFS and NTFS5. As a result, this program is a quick and effective tool for retrieving files that have been accidentally deleted. In contrast, EnCase Forensics support FAT 12/16/32, NTFS, CDFS (CD-ROM), HFS, EXT2 (Linux), UDFS, and UFS (Unix) file systems. DiskDigger has an in-built support for different file systems like FAT12/16/32, NTFS, and exFAT systems.
Costs of Tools for Gathering Evidence from a Cell Phone:
Similar to computers, there are various tools that can be used to collect evidence from a cell phone with varying hardware and extra device requirements. Some examples for these tools include Paraben Software Device Seizure and Cellebrite UFED Ultimate, which differ in costs, features, and hardware requirements. Paraben Software Device Seizure consists of various features like file system acquisitions,…
References:
DeMarco, M. (2012, March 8). Dharun Ravi Found Guilty in Rutgers Webcam Spying Trial.
NJ.com -- True Jersey. Retrieved December 14, 2013, from http://www.nj.com/news/index.ssf/2012/03/state_to_rest_its_case_against.html
Easttom, C. & Taylor, J. (2011). Computer crime, investigation, and the law (1st ed.). Stamford,
CT: Cengage Learning.
"Paraben's Device Seizure." (n.d.). Paraben Corporation. Retrieved December 14, 2013, from http://www.paraben.com/downloads/ds6-brochure.pdf
14, 2013, from http://www.cellebrite.com/images/stories/brochures/UFED-Touch-Ultimate-ENGLISH-web.pdf
It is thus that technologies which work to yield that crucial data from the memory store of any such device have become so valuable to law enforcement in the age of terrorism. According to the Computer Forensics Tool Testing Program (CFTT), "a cellular forensic tool shall have the ability to logically acquire all application supported data elements present in internal memory without modification" (Ayers, 15) This is to indicate that
Zilla Data Nuker Test: Zilla Data Nuker Software Title Files created or downloaded leave a trace even when deleted. These traces allow skilled computer forensic professionals to retrieve the data. Zillasoft, LLC, a New England-based software developing entity provides Zilla Data Nuker that "Shreds sensitive files so they cannot be recovered or undeleted" according to the promotional material for the software. (Zilla Data Nuker 2.0) Zilla Data Nuker is freely downloadable from the
Digital Forensics to Capture Data Sources Network Intrusion Prioritizing Data Sources Account Auditing Live System Data Intrusion Detection System Event Log Analysis Malware Installation Prioritizing data sources Activity Monitoring Integrity Checking Data Mining Insider File Deletion Prioritizing data sources Use of Uneraser program Recovers the Deleted Data Network Storage A recent advance in information technology has brought about both benefits and threats to business organizations. While businesses have been able to achieve competitive market advantages through the internet technology, the hackers are also using the opportunities
Computer Forensics: Generally, forensics can be described as the process of using scientific knowledge in the gathering, evaluation, and presentation of evidence to the courts. Since forensics deal with the presentation of evidence to the courts, it basically deals with the analysis and recovery of hidden evidence. In this case, the hidden evidence may be in several forms including fingerprints, blood stains, and DNA evidence. On the other hand, computer forensics
Forensic Lab Forensic crime labs are important institutions within the criminal justice system and each lab must be up to standard in order for this system to operate at a high and fair level. A good crime lab begins with a good design based on solid fundamentals and thorough planning. The purpose of this essay is to design a digital forensic crime lab that can be used in a university setting.
DIBS Forensic Workstation - Complete solution for problems faced by investigator of computer crimes; FREDDIE - Forensic recovery of evidence deice diminutive interrogation equipment; EnCASE - Fully integrated forensic application for Windows; and ProDiscover DFT - completely integrated Windows ™ application for the collection, analysis, management and reporting of computer disk evidence. Designed specifically to meet NIST (National Institute of Standards and Technology) standards. (Timberline Technologies, 2005) Harris (2005) states that if anti-forensic