مدل فرایند تحقیق قانونی چندرسانه ای دیجیتال A multidisciplinary digital forensic investigation process model
- نوع فایل : کتاب
- زبان : انگلیسی
- ناشر : Elsevier
- چاپ و سال / کشور: 2017
توضیحات
رشته های مرتبط مهندسی فناوری اطلاعات و ارتباطات ICT
گرایش های مرتبط مخابرات سیار
مجله افق های تجارت – Business Horizons
دانشگاه اوکلند، نیوزیلند
نشریه نشریه الزویر
گرایش های مرتبط مخابرات سیار
مجله افق های تجارت – Business Horizons
دانشگاه اوکلند، نیوزیلند
نشریه نشریه الزویر
Description
1. The current state of digital forensics The term ‘digital forensics’ originated as a synonym for computer forensics, but later expanded to encompass forensic examination of all digital technologies. Reith, Carr, and Gunsch (2002, p. 2) define computer forensics as ‘‘the collection of techniques and tools used to find evidence in a computer.’’ The same authors, however, explain digital forensics as a broader concept to include (p. 2): The use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation, and presentation of digital evidence derived from digital sources for the purpose of facilitation or furthering the reconstruction of events found to be criminal, or helping to anticipate unauthorized actions shown to be disruptive to planned operation. Digital forensics can be broken down into categories, including computer forensics and mobile forensics. Mobile forensics is used to deal with forensic investigation of crimes that involve mobile smart devices, such as smartphones and tablets. Types of data that can be retrieved from these smart devices include call logs, text messages, and contact lists (Da-Yu, Shiuh-Jeng, Sharma, & Huang, 2009; Mellars, 2004). Due to the omnipresent nature of mobile smart devices, they play a substantial role in digital crime. Regardless of their differences, they all carry precious information that can be vital to an investigation (Mohtasebi & Dehghantanha, 2013). To obtain data from a mobile device for forensic analysis, the investigator needs the help of a tool–—and often more than one. Due to the differences in terms of technologies employed, investigators will have to engage different methods and tools depending on the devices involved (Albano, Castiglione, Cattaneo, & de Santis, 2011). The most challenging part is data acquisition, especially when it comes to acquiring data from volatile memory (Dezfouli et al., 2012). As described in the NIST Special Publication 800-101, mobile device forensics is the art of employing science to extract digital evidence from a mobile device under forensically compliant conditions while employing accepted techniques (Jansen & Ayers, 2007).