Digital Evidence In Criminal Investigation
After the preservation phase, forensics are required to locate and identify any evidence that can be used to aid the crime case. There are several locations where evidence are usually found such as in the hard drive on the user’s personal computer, laptop, smart phone or tablet (ACPO, 2012). It is also critical that forensics are aware of the intention of the particular investigation. This aids in the forensics' efforts of locating digital evidences that are relevant to the case. For example, in the case of a server intrusion, forensics should look out for signs such as a rootkit installation, analyze configuration files, logs files and etc. These are possible locations and processes where traces of evidence can be picked out from (Carrier and Spafford, 2003).
…show more content…
This can be illustrated by the process of Steganography and encryption using the operating system functions. Steganography is a method of hiding the presence of a message or a file inside another much larger file or message without the forensics knowing it is there in the first place (Westphal, 2003). It is a deliberate act of keeping a message or data hidden. One good example would be hiding pornographic images inside an image
This can be illustrated by the process of Steganography and encryption using the operating system functions. Steganography is a method of hiding the presence of a message or a file inside another much larger file or message without the forensics knowing it is there in the first place (Westphal, 2003). It is a deliberate act of keeping a message or data hidden. One good example would be hiding pornographic images inside an image