Search Icon
Advertisement

Digital Forensics

Last updated: January 12, 2017

What Does Digital Forensics Mean?

Digital forensics is the process of uncovering and interpreting electronic data. The goal of the process is to preserve any evidence in its most original form while performing a structured investigation by collecting, identifying and validating the digital information for the purpose of reconstructing past events.

The context is most often for usage of data in a court of law, though digital forensics can be used in other instances.

Advertisement

Techopedia Explains Digital Forensics

The evidentiary nature of digital forensic science requires rigorous standards to stand up to cross examination in court. As a result, there have been efforts by organizations like the National Institute of Standards and Technology, which published the "Guide to Integrating Forensic Techniques into Incident Responses".

Despite this, there are several challenges facing digital forensic investigators:

  • How does one duplicate or preserve evidence without knowing the duplication itself inherently changed the data?
  • Time lines are critical for showing who did what, and when. But digital time stamps are notoriously absent, or can easily be spoofed, in digital data.
  • In order to be able to state conclusively that Action A caused Result B, the concept of repeatability must be introduced. This is very difficult with digital forensics.
Related Question
What’s the difference between a function and a functor?
Advertisement

Synonyms

Digital forensic science, Computer forensics, Cyberforensics

Share this Term

  • Facebook
  • LinkedIn
  • Twitter

Related Terms

Related Reading

Tags

CybersecurityStandardsIT CareersAnalyticsLegalHacking

Trending Articles

Artificial Intelligence (AI)
The Role of Knowledge Graphs in Artificial Intelligence
IT Business
7 Women Leaders in AI, Machine Learning and Robotics
Software
The Best Practices for Managing Cloud Applications
Go back to top