Computer Forensics Solving Crimes Using

Computer Forensics

Solving crimes using computer forensics

Computers are devices that can be used to store and share information. This crucial function has since been exploited and to make the computer a much more useful device. One way is the Computer Forensics, which is a platform where the computers are used to carry out investigations and analysis on various issues, and majorly crimes. Hence, Computer Forensics is being used to solve criminal cases.

Computer Forensics is a scientific study of computers and computer-related information by investigators or law enforcement agencies. This kind of science is used to analyze crimes such as homicides, fraud, embezzlement, child pornography, and any crime that can be carried out using computers. Computer Forensics is used to copy and collect information from a computer, even that which has been encrypted, as well as recover damaged or deleted information.

How Computer Forensics works

Initially, the mechanism was mostly used for interpretation of dumps, where it would be used to copy each keystroke that had been logged into previously. The keystrokes were copied in an array of eight digits, with zeroes being counted as significant as any other digit. Cases of paper were mostly used as the copy material. System analysts would then modify all the interpretations into a conjuration and then interpret its importance into whatever keystroke there was. This was done to each individual interpretation, making it possible to figure out every detail even in a case where there was damaged data.

Over the past few years, there has a lot of development in technology. The computers being developed now are way more advanced and so has Computer Forensics developed to better its performance. However, all the technological developments are based on the basic that idea that was initially used. The mechanism can now be used to retrieve data even from a hard disk that has been wiped clean.

Computer forensics can be used to collect internet-based information such as e-mails and websites visited, as well as find out the latest information to be downloaded using the particular computer. Such information is collected using packet sniffers which are programs that can access all information passing through a computer, and not only information particularly sent to the computer. The packet sniffer can either pick all the information, or just selected what is needed, and at the specific time when the information passed through the computer. This is then copied into a given memory. However, for the packet sniffers to be used, the investigators must have proper authorization depending on what they are investigation. This is to help protect the privacy of computer users.

Computer forensics also works by disk imaging. This is a process where all information on a disk is copied in the form of an image and looked into. Disk imaging copies all files, both active and inactive, unlike when creating a backup where one only copies active files. One advantage of disk imaging is that it provides an extra source of information in the chance that the original disk is deleted or infected by viruses, or damaged in any other way. This is because when analyzing the original data, anything is bound to happen.