Techniques in Computer Forensics: A Recovery Perspective
نویسندگان
چکیده
Computer forensics has recently gained significant popularity with many local law enforcement agencies. It is currently employed in fraud, theft, drug enforcement and almost every other enforcement activity. The research paper includes the types of attempts to destroy or tamper the files by the culprits and unleashes various recovery techniques, and their significance in different situations from those attempts, which destroy files or inflict physical damage to the computer. The paper also presents the nature and immediate need of enhancing the existing automated forensics tools. The paper gives a quick glance of various methods used by culprits to destroy the information in the electronic storage media and their corresponding forensic approach done by the computer forensic experts in the perspective of recovery.
منابع مشابه
FFCK: The Filesystem Forensics Classifier Kit
Filesystem forensics is a general term to describe the searching and recovery of data that is on a drive that has been damaged or reformatted. There are two common applications for filesystem forensics, data recovery and criminal investigation. Certain factors in the filesystem design can make forensics difficult. If only the raw blocks exist on the disk, then it can be very difficult to determ...
متن کاملCyber Forensics: A Military Operations Perspective
This paper discusses some of the unique military requirements and challenges in Cyber Forensics. A definition of Cyber Forensics is presented in a military context. Capabilities needed to perform cyber forensic analysis in a networked environment are discussed, along with a list of current shortcomings in providing these capabilities and a technology needs list. Finally, it is shown how these t...
متن کاملAn Approach for Digital Forensics Using Behavior Analysis
Computer forensics is the application of investigation and analysis techniques to gather and preserve evidence from a particular computing device in a way that is suitable for presentation in a court of law. Behavior analysis is rooted in the behaviorist tradition and utilizes learning principles to bring about behavior change. Digital forensics is a branch of forensic science encompassing the ...
متن کاملDe-Anonymizing Live CDs through Physical Memory Analysis
Traditional digital forensics encompasses the examination of data from an offline or “dead” source such as a disk image. Since the filesystem is intact on these images, a number of forensics techniques are available for analysis such as file and metadata examination, timelining, deleted file recovery, indexing, and searching. Live CDs present a serious problem for this investigative model, howe...
متن کاملForensic Analysis of YAFFS2
In contrast to traditional file systems designed for hard disks, the file systems used within smartphones and embedded devices have not been fully analyzed from a forensic perspective. Many modern smartphones make use of the NAND flash file system YAFFS2. In this paper we provide an overview of the file system YAFFS2 from the viewpoint of digital forensics. We show how garbage collection and we...
متن کامل