Dictionary
- - - Term of the Day
      
      ICT (Information and Communication Technology)
      
      ICT (Information and Communications Technology) is the use of computing and telecommunication technologies, systems and tools to facilitate the way information is created, collected, processed, transmitted and stored. It includes computing technologies like servers, computers, software applications and database management systems (DBMSs)... View Full Term
  - - Trending Terms
      Cellular
      Binary
      Viral
      Podcast
      Web
      Website
      App
      Online
      Media
      Soft Copy
- - - Techopedia Terms
      #
      
      A
      
      B
      
      C
      
      D
      
      E
      
      F
      
      G
      
      H
      
      I
      
      J
      
      K
      
      L
      
      M
      
      N
      
      O
      
      P
      
      Q
      
      R
      
      S
      
      T
      
      U
      
      V
      
      W
      
      X
      
      Y
      
      Z
Artificial Intelligence
Cryptocurrency
Data Management
Networking
Cybersecurity
Careers
- Careers
- Job Board
Search
More
Follow us

Advertisements

Digital Forensics

Editor

Last updated: 24 August, 2022

What Does Digital Forensics Mean?

Digital forensics is the process of retrieving, storing, analyzing and preserving electronic data that could be useful in an investigation. This includes information from computers hard drives, mobile phones, smart appliances, vehicle navigation systems, electronic door locks and other digital devices. The goal of the process is to gather, analyze and preserve evidence.

Advertisements

In the United States, the Department of Homeland Security has identified five branches of digital forensics, categorized by how the data is transmitted and where it is stored:

Computer forensics – focuses on recovering and preserving evidence in computers and storage devices such as hard drives and flash drives.
Mobile device forensics – focuses on the recovery and preservation of digital evidence in mobile and wearable devices, such as smartphones, flash drives and and fitness trackers.
Network forensics – focuses on reviewing logs to determine the connection between network access and a criminal action.
Database forensics – focuses on the identification, collection, preservation, reconstruction, analysis and reporting of incidents that have the potential to negatively impact data integrity.
Forensics data analysis – focuses on uncovering patterns in data that might indicate fraudulent activity, especially fraudulent financial activity.

Techopedia Explains Digital Forensics

Digital forensics includes recovering and preserving material found on digital devices during the course of a criminal investigation. The evidentiary nature of digital forensic science requires rigorous standards to stand up to cross examination in court.

The challenges facing digital forensic investigators include:

Extracting data from locked, damaged or destroyed computing devices.
Locating specific data entries in large amounts of data stored locally or in the cloud.
Documenting the digital chain of custody.
Ensuring the integrity of data throughout an investigation.

Digital Forensics Tools

Digital forensic tools can also help ICT managers proactively identify areas of risk. Popular tools include:

Forensic disk controllers – allow the investigator to read a target device's data while preventing its data from being modified, corrupted or erased.

Hard-drive duplicators – allow the investigator to copy files from a suspect hard drive, thumb drive or memory card onto a clean drive for analysis.

Password recovery devices — use machine learning algorithms to crack password-protected storage devices.

Advertisements

Tags

Trending Articles

Advertisements