Simultaneous Experimental Investigative Approach towards Digital Forensics
Date
2017-12-08
Authors
Basu, Victor
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Digital forensics is a sub-branch of forensic science which revolves around the acquisition and investigation of information acquired from digital sources, which can
often be related to cyber crime. A digital forensic investigation can be associated
with a number of scenarios encompassing public and private domains, ranging from
evidence related to a civil or criminal case in court to an internal investigation of
employees suspected of a data breach within an organization. Understanding the
importance of digital forensics has become really important in this day and age with
the recent advent of hacking attempts at a number of multinational companies
worldwide, whose most prime asset is their data. In addition to safeguarding their
sensitive data from being maltreated, companies are also bound to a host of state,
local and federal rules and regulations when it comes to preservation of data. This
document is a possible representation of investigative approaches adopted by digital
forensic engineers to analyze data that is acquired as part of a forensic investigation.
A data set of a suspected machine along with a couple of removable storage devices
and a cloud storage provider that were used in a data leakage case will be analyzed
using a plethora of forensic analysis tools ranging from file carvers, email retrievers
to database restoration techniques, to name a few.