What Is Digital Forensics?
- Sum Up of Digital Forensics
- Real Cases in Digital Forensics
- Development of Digital Forensics
- What Are Digital Forensics Tools?
Sum Up of Digital Forensics
Digital forensics is a branch of crime forensic science，with featured purposes to obtain, restore and analyze data evidence found in digital devices linked to criminal activity, so as to provide a basis and reference for court trials.
- Specifically, digital forensics refers to the process of fixing, identifying, extracting, analyzing, and recording digital evidence.
- It is the science of finding evidence from digital media such as computers, mobile phones, servers, databases, CCTV, DVRs, or the Internet.
- It provides crime investigation teams with the best techniques and tools to solve complex cases, by processing analysis, inspection, identification, and various digital evidence stored on various types of electronic devices.
Because of the abundance of digital data, digital forensics is becoming more and more crucial for investigations everywhere. Nowadays, almost all cases are involved in digital evidence, which is being said that digital forensics plays an irreplaceable role in obtaining and analyzing these pieces of evidence.
As reported, global smartphone users have been exceeded 4.8 billion, which means 58.37% of the world’s population possesses smartphones. With such a lot of digital devices, tons of digital information could be hidden in multiple data forms and come up with numerous digital crime cases.
In addition to mobile phones, the number of electronic devices such as computers, wearable devices, smart cars, and etc, since smart appliances have all increased exponentially in recent years, with unquantifiable data stored in these digital devices.
In specific cases, these data provide investigators with objective and true clues and evidence, which greatly improves the efficiency of law enforcement agencies in solving cases.
From the perspective of Investigators, they have become very skilled in dealing with traditional types of digital evidence, such as short messages, spreadsheets, etc. Though it’s been a lot to learn, the technology is still moving very fast and they could be left behind once stop being trained by more skills and knowledge in their arsenal. With the rapid development of computer and Internet technology, all kinds of disputes, civil cases, and criminal cases related to digital technologies increased sharply. In the process of judgment or disposal of such disputes and cases, digital data has become a kind of important evidence.
Below 2 real cases show digital evidence assists law enforcement agencies and the company’s internal investigators in the process of handling cases.
Real Cases in Digital Forensics
Michael Jackson’s Dead Investigation
At 2:26 pm on June 25, 2009, in the United States, pop star Michael Jackson died of a heart attack in a hospital at the Los Angeles Medical Center. The cause of death was that his private doctor Conrad Morrie injected a lethal dose of propofol and caused Michael Jackson to die of a heart attack. In this case, investigators found a document on Dr. Morrie’s computer showing that he authorized the use of a lethal dose of the drug, which ultimately led to Michael Jackson’s death. Morrie was convicted of manslaughter by the Los Angeles Superior Court on November 7, 2011, and was imprisoned for four years.
Confidential Investigation in Apple
An employee works as an engineer in Apple’s self-driving car department. He chose to leave after working for two and a half years. In the exit interview, he told his department manager that he would join an electric car manufacturer. This aroused the suspicion of the manager. The company’s security department began investigating the employee who was about to leave. They searched his two work mobile phones and a work laptop and found that in the days before leaving his job, the employee had unusually frequent activities on Apple’s intranet. They also found a large number of confidential files downloaded from the company’s database. Faced with questioning, the employee admitted to stealing company data. The matter was handed over to the FBI, and the employee was eventually charged with stealing company trade secrets.
We are living in a rapidly changing world, and nothing changes faster than digital technology. Both of the above two real cases involved digital forensics.
In this regard, let’s find out how does digital forensics develops.
Development of Digital Forensics
- The term “digital forensics” was originally coined for computer forensics and later was referred to cover investigations of any device that can store digital data. It is reported that the first computer crime occurred in 1978 in the USA.
- However, until the 1990s, digital forensics had finally become a formal term that was recognized by the public.
- At the beginning of the 21st century, the national digital forensics policy appeared for the first time.
- During the 21st century, not only the development of digital forensics has been booming in policy, experts, digital forensic lab infrastructure, but tons of supporting tools started emerging, which helps deeply accelerate the scientificity, accuracy in the process of digital forensic investigation with less labor cost.
What Are Digital Forensics Tools?
Due to the various types of digital devices and diverse ways of storing data, there are many multiple digital forensic tools used in the digital forensics process.
Generally speaking, digital forensics includes the following types:
- Computer Forensics
- Mobile Phone Forensics
- Database Forensics
- Video Forensics
At present, there are few solution providers that can cover all types of digital forensics circumstances in the world. The most famous one known as integrated Digital Forensic Solution is SalvationDATA.
Let’s take a look at what digital forensic tools SalvationDATA provides for each type of forensics.
- Computer Forensics: DRS (Data Recovery System) is the next-generation intelligent all-in-one forensic data recovery tool that can help investigators acquire and recover data from both good and damaged storage media like HDD simply and easily.
- Mobile Forensics: SPF Pro (SmartPhone Forensic System Professional) is an all-in-one and user-friendly mobile forensic system. With automatic program to choose the best solution for extracting file system, physical, and logical evidentiary data from several mobile OS like Android, iOS, Symbian, Blackberry, etc, especially from 99% of Chinese brand mobile devices.
- Database Forensics: DBF6300 is the most leading database forensic product that covers the main types of relational databases currently, aiming to resolve the problems about the deleted & damaged database files, damaged file system, restriction of application system accessibility.
- Video Forensics: VIP (Video Investigation Portable) 2.0 is capable of accessing the normal or even non-functioning DVR surveillance systems such as burnt, watered, and damaged DVRs. Not only can it perform forensic data recovery from password-protected DVR directly but also search and retrieve video clips from live CCTV surveillance systems quickly and easily.
Though the development of Digital Forensics has brought out various supporting tools in the investigators’ arsenal, they still need to be trained in more scientific methodologies, since crimes won’t be as fixed form as to how we presume.
In a more cutting-edge manner, an all-powerful digital forensic lab could be the best infrastructure for digital forensics!
Digital Forensics is a scientific crime investigation method that helps accelerate the efficiency and accuracy of Case Cracking.
With its fast development in the current digital society, various supporting tools, infrastructure, applied by high-quality experts could make a huge difference for digital forensic work.