computer forensics

(redirected from Digital forensics)
Also found in: Acronyms, Wikipedia.

computer forensics

[kəm¦pyüd·ər fə′ren·ziks]
(forensic science)
The study of evidence from attacks on computer systems in order to learn what has occurred, how to prevent it from recurring, and the extent of the damage.

computer forensics

The investigation of a computer system believed to be involved in cybercrime. Forensic software provides a variety of tools for investigating a suspect PC. Such programs may copy the entire hard drive to another system for inspection, allowing the original to remain unaltered.

Another utility compares file extensions to the content within the files to determine if they have been camouflaged with phony extensions. For example, an image file might be renamed as a text document and vice versa. In addition, hard drives can be examined for data that has been deleted (see data remanence).

Network Forensics
In order to identify attacks, "network forensics" deals with the capture and inspection of packets passing through a selected node in the network. Packets can be inspected on the fly or stored on disk for later analysis. See hidden disk areas, forensically clean, slack space, write blocker, file wipe, IDS, Internet forensics and security event management software.

NIST Phases

The National Institute of Standards and Technology "Guide to Integrating Forensic Techniques into Incident Responses" covers four phases, which are briefly summarized below. For the complete 121-page NIST publication, download draft SP 800-86 at

1 - Collection: Identify, label, record and acquire data from possible sources, while preserving the integrity of the data.

2 - Examination: Use manual and automated methods to assess and extract data of particular interest, while preserving the integrity of the data.

3 - Analysis: Use legally justifiable methods and techniques to derive useful information.

4 - Reporting: Describe actions used, explain how tools and procedures were selected, determine what other actions need to be performed, including forensic examination of additional data sources, securing identified vulnerabilities and improving existing security controls. Recommend improvements to policies, guidelines, procedures, tools and other aspects of the forensic process.
References in periodicals archive ?
The role of digital forensics is growing rapidly worldwide with an increased number of cases demanding its experts and their services in solving various crimes.
Systematic approaches to digital forensic engineering; proceedings.
Stewart said: 'It has also been suggested that one of the main factors leading to me winning the Olympus Prize is that I have not come from an (academic) computing background, but I still gained an MSc with distinction in Digital Forensics, which is essentially a computer-related degree.
Content will include information on topics such as network access control and intrusion detection, standards of procedure on computer crime, malicious codes, cryptological techniques and tools for crime investigation, computer virology, watermarking for digital forensics, information retrieval and data mining for crime prevention and prevention, small digital device forensics, legislative developments, and terrorism-related analytical methodologies.
LINDON, Utah -- AccessData Group, a leading provider of digital forensics, cyber security and e-discovery software, today announced that it will for the second year participate in Dell's PartnerDirect program as a Certified ISV Technology Partner in the area of Digital Forensics.
Read the complete SC Magazine Digital Forensics and Online Fraud here: http://www.
This market research study focuses on the global digital forensics market and provides estimation in terms of revenue (USD Billion) from 2015 to 2021.
The firm assists Fortune 100 and AM Law 100 clients with digital forensics, discovery management, and compliance risk assessment.
The partnership will enable Contego to incorporate AccessData's technology, including its Cyber Intelligence and Response Technology, Forensic Toolkit, AD Lab and Mobile Phone Examiner Plus solutions, in the design and deployment of digital forensics laboratories of regional enterprises.
digital forensics laboratory, which will be used to give students studying for
a former police officer, investigator, and cybercrime task force member, introduces students and beginners to digital forensics, its methods, concepts, and labs and tools.
Dell has worked with us to provide a turn key digital forensics solution that enables our clients to get mobile very quickly.

Full browser ?