Phases of Digital Forensics

Following are the phases of digital forensics:

(i) Collection of information/ Pre search consideration

Before reaching the scene of the crime, the expert should have preliminary knowledge about the nature of the cybercrime. This information can be obtained from the first responding officer. Pre-search consideration helps the investigator to physically and mentally prepare for the crime and helps him to carry relevant tools to the scene of the crime. 

Phases of Digital Forensics

Following are the three steps involved in pre-search consideration:

(a) Securing and Evaluating

In this stage, the expert asks questions regarding crime and pays special attention to the safety issues. He also checks the consent issues.

(b) Conducting preliminary interviews

Take the preliminary interview of the owner or user of the computer system found at the scene of the crime. If the system is password protected then an expert may ask the access to the system. Also, try to know the purpose of the use of a computer by the user.

(c) Documentation of electronics found at the crime scene

Record the condition of the system, storage media available, other electronic devices, and other conventional evidence found at the scene of the crime.

Check the power status of the computer and so the photography and sketching of the scene of the crime.

(ii) Identification of digital evidence

This phase includes identifying evidence related to the electronic device in storage media, hardware, operating system, network, and application. This helps the expert to identify the evidence and where it is stored.

(iii) Collection and preservation of digital evidence

After the identification, we need to collect and preserve the electronic device and the data present in it so that the data cannot be tampered by climatic conditions or some unauthorized user. For example, a Hard disk should be collected and preserved in an Anti-static cover so that a charge cannot develop on the surface of the disk which can damage the data stored in it.

(iv) Analysis of digital evidence

After the preservation of the device and data, its analysis is done at the forensic lab. In this phase, the expert makes copies of the data for analysis, recovers the deleted files, and verifies the recovered data. This is the most crucial phase as the whole investigation depends on the analysis of digital evidence.

(v) Documentation of results

After analysis, the data, the conclusion, and the result should be properly documented. The result may have a record that contains all the recovered and available data which helps in recreating the crime scene.

(vi) Presentation

This is the final phase of the investigation in which the report is presented in the court to solve the case.

Related Post:

Popular Posts

Conducting Polymers: Definition, Examples, Properties and Applications

Image
What are Conducting Polymers? As the name suggests organic polymers that conduct electricity are known as conducting polymers. They are also known as intrinsically conducting polymers (ICPs) and they have alternating single and double bonds along the polymer backbone (conjugated bonds) or that are composed of aromatic rings such as Phenylene, naphthalene, anthracene, pyrrole, and thiophene which are connected through carbon-carbon single bonds. Examples: Polyacetylene, Polypyrrole, Polyaniline, etc What is the reason behind conducting nature of these polymers? Conducting polymers comes in two forms that are doped conducting polymers and non-doped conducting polymers. The conductivity of non-doped conjugated polymers is due to the existence of a conductivity band similar to a metal. In a conjugated polymer, three of the four valence electrons form strong sigma bonds through sp² hybridization where electrons are strongly localized. The remaining unpaired electron of each carbon atom re
Read more

Crime Scene: Definition, Types and Characteristics

Image
What is a Crime Scene ? A place where the crime is committed or where the maximum physical evidence related to crime is found is known as a crime scene. A crime scene is a starting point of the investigation which provides information about the suspect and the victim. This helps to reconstruct the crime and fast resolution of the case. It is noted that the crime scene is not limited to a single place but may extend to a wider area depending upon the nature of the crime committed. For example, In a murder case where murder is done at one place and the body is disposed on another place. In this case, we have two crime scenes that give information about the crime. Types of Crime Scene Based on evidence found on the crime scene: 1. Primary Crime Scene The crime scene where the actual crime occurred or where more usable pieces of evidence were found is known as the primary crime scene. For example, A murder scene, theft, assault, etc. 2. Secondary Crime Scene The crime scene which is some
Read more

Raman Spectroscopy: Principle, Instrumentation and Applications

Image
What is Raman Spectroscopy? Raman spectroscopy was given by an Indian Physicist Sir C.V Raman , which is based on inelastic scattering of monochromatic light with the sample. The resulting light will have a different frequency than incident light due to this inelastic scattering.  This technique is widely used to analyze vibrational, rotational, and other low-frequency interactions in the molecule. This significantly helps in the elucidation of molecular structure, identifying functional groups, etc. Principle of Raman Spectroscopy Raman spectroscopy is based on the inelastic scattering of electromagnetic radiation with the molecule. We have two types of scattering that are elastic and inelastic scattering.  Elastic scattering obeys the Rayleigh law that states that there will be no loss of energy and momentum of the incidence radiation and scattered radiation. That's why this scattering is also known as Rayleigh scattering. Whereas, there will be some conditions (1 in million
Read more