Beginners Guide to Digital Forensics

Those of you who watch any kind of crime drama know what “Forensics” are. They’re little pieces of information like DNA, blood, fingerprints, foot prints, etc. that are put together to form a picture of what happened at a crime scene and to help the investigators find out “who dunit”.

Digital forensics is very similar to this in many ways and really is just another branch of Forensic Science. However is tasked with the finding and/or the recovery of data found in digital devices such as computers, data cards/sticks and mobile phones.

Digital forensics have a number of applications particularly within the police and trying to prove or disprove guilt. They can also be used within the private sector for investigative work They have been used to deal with issues like copyright, privacy, online harassment (cyber bullying and the like), financial fraud and child pornography to name but a few.

You can divide Digital Forensics up into 4 main areas:

Computer Forensics

This area deals, as you would expect, mainly with computers. It is the acquisition of logs, internet history, recovery of deleted or corrupted files from computer hard drives or even from USB Drives and the like. This information can then be used to as evidence against a suspect, or maybe to confirm an alibi or a statements.

Network Forensics

Again, as the name suggest this deals with monitoring and analysing network traffic. This could be on a Local Area Network within an office, or could even be monitoring traffic and gathering evidence from the internet

Forensic Data Analysis

This is mainly used in Fraud cases and can be very in-depth. It uses mountains of data usually to follow money and find out where the fraud has occurred and who by.

Mobile Device Forensics

This is similar to Computer Forensics in so much as there is a data storage area, but the main difference is that Mobile Device Forensics tends to focus on calls, call logs and SMS/MMS messaging to and from the phone. As most smartphone now have built-in GPS capabilities, this discipline can also be used to track movements and again provide alibis or confirm guilt.

As technology moves on, digital forensics has to keep up, from its early incarnations in the late 70’s, to a massive boom in computer crime in the 90’s, to the problems faced nowadays with data encryption, the ever- growing number of digital media devices and the vastness of the internet. Unfortunately if it’s there, someone will find a criminal way to use it, and so Digital Forensics is going to be a growth area for the police and other areas of law enforcement for many years to come.