Three Types of Digital Forensics Are:
It deals with extracting data from storage media by searching active, modified, or deleted files.
It is a sub-branch of digital forensics. It is related to monitoring and analysis of computer network traffic to collect important information and legal evidence.
It is a division of network forensics. The main aim of wireless forensics is to offers the tools need to collect and analyze the data from wireless network traffic.
It is a branch of digital forensics relating to the study and examination of databases and their related metadata.
This branch deals with the identification of malicious code, to study their payload, viruses, worms, etc.
Deals with recovery and analysis of emails, including deleted emails, calendars, and contacts.
It deals with collecting data from system memory (system registers, cache, RAM) in raw form and then carving the data from Raw dump.
Mobile Phone Forensics:
It mainly deals with the examination and analysis of mobile devices. It helps to retrieve phone and SIM contacts, call logs, incoming, and outgoing SMS/MMS, Audio, videos, etc.
Challenges by : Digital Forensics
Here, are major challenges faced by the Digital Forensic:
The increase of PC’s and extensive use of internet access
Easy availability of hacking tools
Lack of physical evidence makes prosecution difficult.
The large amount of storage space into Terabytes that makes this investigation job difficult.
Any technological changes require an upgrade or changes to solutions.
Example Uses of Digital Forensics
In recent time, commercial organizations have used digital forensics in following a type of cases:
Intellectual Property theft
Inappropriate use of the Internet and email in the workplace
Forgeries related matters
Issues concern with the regulatory compliance
Advantages of Digital forensics
Here, are pros/benefits of Digital forensics
To ensure the integrity of the computer system.
To produce evidence in the court, which can lead to the punishment of the culprit.
It helps the companies to capture important information if their computer systems or networks are compromised.
Efficiently tracks down cybercriminals from anywhere in the world.
Helps to protect the organization’s money and valuable time.
Allows to extract, process, and interpret the factual evidence, so it proves the cybercriminal action’s in the court.
Disadvantages of Digital Forensics
Here, are major cos/ drawbacks of using Digital Forensic
Digital evidence accepted into court. However, it is must be proved that there is no tampering
Producing electronic records and storing them is an extremely costly affair
Legal practitioners must have extensive computer knowledge
Need to produce authentic and convincing evidence
If the tool used for digital forensic is not according to specified standards, then in the court of law, the evidence can be disapproved by justice.
Lack of technical knowledge by the investigating officer might not offer the desired result
Digital Forensics is the preservation, identification, extraction, and documentation of computer evidence which can be used in the court of law
Process of Digital forensics includes 1) Identification, 2) Preservation, 3) Analysis, 4) Documentation and, 5) Presentation
Different types of Digital Forensics are Disk Forensics, Network Forensics, Wireless Forensics, Database Forensics, Malware Forensics, Email Forensics, Memory Forensics, etc.
Digital forensic Science can be used for cases like 1) Intellectual Property theft, 2) Industrial espionage 3) Employment disputes, 4) Fraud investigations.
Cybercrime Attack Types
Cybercrime can attack in various ways. Here, is some most common cybercrime attack mode:
It is an act of gaining unauthorized access to a computer system or network.
Denial Of Service Attack:
In this cyberattack, the cyber-criminal uses the bandwidth of the victim’s network or fills their e-mail box with spammy mail. Here, the intention is to disrupt their regular services.
Theft of software by illegally copying genuine programs or counterfeiting. It also includes the distribution of products intended to pass for the original.
Pishing is a technique of extracting confidential information from the bank/financial institutional account holders by illegal ways.
It is an act of getting one computer system or a network to pretend to have the identity of another computer. It is mostly used to get access to exclusive privileges enjoyed by that network or computer.
Cyber Crime Tools
There are many types of Digital forensic tools