Digital forensics is a young but rapidly evolving discipline. Borrowing from principles that have proven themselves in the physical world, it faces challenges that are unique to the cyberspace domain (Caloyannides, Memon, & Venema, 2009). Digital forensics has grown from a relatively obscure tradecraft to an important part of many investigations (Garfinkel, 2010). Garfinkel went on to say that digital forensic tools are now used on a daily basis by examiners and analysts within local, state and federal law enforcement; within the military and other US government organizations; and within the private e-Discovery industry. Vacca (2009) defined digital forensics as, “the application of computer science and investigative procedures for a legal purpose involving the analysis of digital evidence” (p. 305). According to Caloyannides, Memon, & Venema, (2009), electronics have slowly but unavoidably become record keepers of human activity. This trend accelerated with the introduction of PCs, handheld devices, the Internet, and the convergence of computing, multimedia, and telecommunications (Caloyannides et al.). Digital forensics as a field can be divided into two subfields: network forensics and host-based forensics (Vacca, 2009). Vacca stated that network forensics focused on the use of captured network traffic and session information to investigate crime whereas host-based forensics focused on the collection and analysis of digital evidence from individual systems. Digital forensics has become prevalent because modern day life includes a variety of digital devices that can be exploited for criminal activity, not just computer systems (Reith, Carr, & Gunsch, 2002).
Caloyannides, M. A., Memon, N., & Venema, W. (2009, March/April). Digital forensics. IEEE Security and Privacy, 16-17. Garfinkel, S. L. (2010). Digital Forensics research: The next 10 years. The Proceedings of the Tenth Annual DFRWS Conference,...
Please join StudyMode to read the full document