This website uses cookies to ensure you have the best experience. Learn more

Investigators: Digital Evidence Essay

1410 words - 6 pages

Field Report
Investigators must ensure the integrity of all evidence collected, analyzed, processed and presented to a courtroom and jury. The reason that this is important is because the improper collection and analysis of evidence can lead to compromised data and potential damage to a prosecution. The seizure and analysis of digital evidence can be particularly challenging but is just as critical to a case as physical evidence. There are specific procedures that must be met to ensure the successful collection and analysis of digital media and guidelines or best practices for collection of all evidence, both physical and digital that must be followed. Conducting the proper steps in an investigation regarding the collection and processing of evidence and the proper chain of custody requirements can ensure a successful outcome in solving a case and a successful prosecution.
The first and most important step in the entire process for collecting evidence is to document the scene. It is extremely critical that an investigator capture as accurate a depiction of a crime scene as possible (Solomon, Rudolph, Tittel, Broom, & Barrett, 2011). This can be accomplished in a number of ways. These include taking a photograph of the scene to preserve the original image of the scene for a judge and jury. Investigators can also take images of a computer system. It is necessary to take hash images of volatile data first as volatile data relies on a constant flow of electricity to keep in system memory. Things that are considered volatile are registers, the system casche, routing tables, kernel statistics, memory, temporary file systems, disks and archived media (Soloman, Rudolph, Tittel, Broom, & Barrett, 2011). The first thing an investigator should do aside from photographing the scene is to take a system hash image of seized digital items. If a system is in the process of deleting what could be valuable evidence, it should be immediately unplugged to try and preserve data. Before removing digital evidence from a business or a home, a forensic investigator should also take note of network connections in use, open ports, applications and the date and time of the system. When digital items are removed and transported, they should never be transported in plastic. The battery in cell phones should be removed and the items should be placed in paper anti-static bags. Any interference from cell towers and other electronic devices could damage evidence. Investigators always want to maintain the last known state of digital items. Any changes to the date and time of a system or new data being transmitted to a system could overwrite existing data and that could jeopardize an investigation (National Forensic Science Technology Center, n.d.).
Preserving evidence collected and conducting proper analysis of systems for extraction of evidence is a very meticulous process. There are many ways in which forensic examiners can extract information from computer systems. All...

Find Another Essay On Investigators: Digital Evidence

Selective Imaging and Analysis Concept for Forensic Solutions

1602 words - 7 pages the data items that seem to be relevant to the crime. In additions, distributing computer forensic analysis task among different machines and several investigators is highly required today [Roussev and Richard, 2005] to come out with an evidence in acceptable time. In this research paper, a computer forensics investigation process with an efficient imaging and scalable analysis is proposed. The imaging process is based on the selective imaging

Methods in the Coud Computing Environment

867 words - 4 pages As ISO/IEC 27037 addresses the process of how the digital evidences are to be handled but all these processes addresses the traditional digital environment. But as with the development of cloud the scenario has changed a lot. Cloud computing brings new challenges in front of investigators. These challenges may include various issues like virtualization of servers to multiple locations, dependence on CSP for access to logs etc. So in the

Digital Collection

935 words - 4 pages 1. Describe at least 5 steps in a process to collect digital evidence to the time you testify that you consider important. Please explain why they are important. For this particular example we will assume that the warrant for search and seizure was requested and executed lawfully and did not violate any part of the Fourth Amendment. 1. First and Foremost… Having the right person to do the job. Computer forensic investigators have the tough job

Computer Forensics: Issues in Preserving Digital Evidence and Forensic Investigation

1931 words - 8 pages Technology is constantly changing, and as the capabilities change, so do the issues in Forensic information technology (FIT). FIT is defined as the scientific use or application of information technology (IT) that is used to generate and present digital evidence to be used in courts, legal or other formal proceedings (Volonio). While the use of technology helps get things done faster, it also can present many issues if the proper procedures and

Artificial Intelligence Applied to Computer Forensics

952 words - 4 pages with correlation feature showed an effective way to open important evidence by checking data separately without analysis phase. Furthermore this impressive feature also expanded to include all variety range of situations and addition new agents. Learning CBR mechanisms also an evaluating feature in future conducts.The distributed process combined experiment evidence study by experts with the reducing of evidence volume also reduce distributed time taken shown the power of this tool, provide computer forensic experts and investigators faced with the problem of growing digital evidence volume.

Criminal Investigations Unit

934 words - 4 pages follow-up investigation of all criminal offenses reported to the police department (Dantzker, 2003). The investigators receive specialized training and equipment designed to enhance the investigator's abilities to better serve the citizens of the police department. The investigators usually work closely with the Patrol Division and the State Attorney's Office to ensure a positive disposition on each case investigated. (Dantzker, 2003)The Evidence and

CBSC301 Midterm

1236 words - 5 pages Companies Specializing in Computer Forensics and Updates on Computer Crime Prosecution Computer forensics is defined as the act of analyzing digital information in an attempt to discover evidence and report the findings in a legally admissible form. Computer forensics teams are highly trained individuals with ongoing training that helps them keep up with the current trends in computer crime. Certifications qualify these individuals to conduct

Computer Forensics

861 words - 3 pages PAGE PAGE 5 Surname [Writer's name][Professor's name][Course Title][Date]United StatesDescribe the CompanyAccessData is a computer forensic company, it's head quarters is in Utah. It uses the most up-to-date tools for it's digital investigations There are a number of key areas that an organisation needs to think about when considering protection, including investment in prevention and detection systems (e.g. firewalls), education of its

Digital Privacy

763 words - 4 pages . Miller case of 1976 and the Smith v. Maryland case of 1979. In the United States v. Miller case, the defendant attempted to overturn evidence that investigators obtained from his bank. He argued that he had an expectation of privacy under the Fourth Amendment. It was then held by the Supreme Court because it was found that checks and deposit slips sent to banks are actually freely circulated within the institution. It was resulted that Miller in fact

Racketeer Influenced and Corrupt Organizations Case

1648 words - 7 pages digital evidence. Digital evidence is information stored on a computer hard drive, a mobile phone, a CD, and a flash card in a digital camera, or a thumb drive. This evidence can be presented in court as evidence of an electronic crime committed. These types of crimes range from child pornography, identity theft, or credit card fraud. (NIJ, n.d). To ensure a conviction, the evidence must be presented in court but if proper handling measures are

Digital forensic investigation

3193 words - 13 pages assisted. The Internet provides convenience and speed. The security of Internet banking is however questionable as users experience fraudulent activities from time to time. Money is withdrawn from users’ accounts without their knowledge. It is therefore important for users to make sure that they verify the security of the Website before performing any transaction. Digital forensic investigators have a difficult task of collecting forensic evidence, preserving the evidence and analyzing or examining such evidence to make sure that the integrity of the media can be used in future in the court of law.  

Similar Essays

What Is Digital Forensic? Essay

1795 words - 8 pages 1. Introduction The aim of this report is to theoretical cover data preservation, examination of digital evidence, tools and techniques for data capture, preservation and examination with a list of recommendations. In our modern society, computers and other digital devices are becoming ubiquitous. In the late 1970’s the number of crimes that involved digital devices and computers has been increasing rapidly. As a result of that, computer

Research Conclusion Essay

1770 words - 8 pages risk of nonavailability or data loss. Despite these advantages, Grispos, Glisson and Storer (2012) highlighted several challenges that the cloud environment may pose for digital forensic investigators during the collection and analysis phrases of the investigation process. Artifacts, data used that can be used as evidence, are often hard to extract because resources can be redirected and/or disappear destroying the trial of evidence in the

Case Portfolio Essay

1146 words - 5 pages corporations as well as Kazuki. The notebook that were acquired were not organized as well as the files which made them less beneficial. Sticky notes with bank account numbers for wire transfers were found leading investigators to two (2) offshore accounts owned by Mr. Didit. The accounts were empty at the time of investigation. The contents of his trash receptacle were also examined in the event it might contain documents or other digital evidence

Digital Forensics Can Be Used In A Court Of Law

2230 words - 9 pages Digital Forensic is the process of uncovering and interpreting electronic data that can be used in a court of law. It requires a set of standards to show how the information that is gathered, preserve, and analyzed is strictly followed. The analysts need to understand the evolution of the current technology and how it will impact how they gather their information. The investigator is able to uncover evidence and analyze it to gain the