Computer Forensics in United States
Computer Forensics
Overview of Computer Forensics in relation to cyber crime: [1] Whereas most forensic processes are comparative in nature (i.e., involving comparison of evidentiary patterns against known samples of fingerprints, DNA, ballistics tests, controlled substances, and tool marks, etc.), computer forensics consists mainly of searching for evidence and artifacts that indicate use, possession, or ownership of digital evidence. For this reason computer forensics is like archeology insofar as the examiner is looking for evidence and artifacts that provide information from the past about who possessed, owned, and used certain things (i.e., computerized files) and for what purposes. And like sciences underlying information technology (e.g., mathematics, physics, electronics, and chemistry), the scientific nature of computer forensics relies upon tested and verified processes recognized in courts of law for identifying and protecting incriminating data.
Resources
Notes and References
- By Joseph F. Hennekey
See Also
- Types of Cybercrime
- Cybercriminal
Further Reading
McQuade, S.C. (2006). Investigating and prosecuting cybercrime. In Understanding and managing cybercrime (pp. 331–403). Boston: Pearson Education, Inc.; Reith, M., et al. (2002, Fall). An examination of digital forensic models. International Journal of Digital Evidence, 1(3); Scientific Working Group on Digital Evidence. (2007, November 5). Available at http://68.156.151.124/index.html.
Leave a Reply