Digital Forensics Types & Challenges

Types of Digital Forensics

Three types of digital forensics are:

1. Disk Forensics:-

It deals with extracting data from storage media by searching active, modified, or deleted files.

2. Network Forensics:-

It is a sub-branch of digital forensics. It is related to monitoring and analysis of computer network traffic to collect important information and legal evidence.

3. Wireless Forensics:-

It is a division of network forensics. The main aim of wireless forensics is to offers the tools need to collect and analyze the data from wireless network traffic.

4. Database Forensics:-

It is a branch of digital forensics relating to the study and examination of databases and their related metadata.

5. Malware Forensics:-

This branch deals with the identification of malicious code, to study their payload, viruses, worms, etc.

6. Email Forensics:-

Deals with recovery and analysis of emails, including deleted emails, calendars, and contacts.

7. Memory Forensics:-

It deals with collecting data from system memory (system registers, cache, RAM) in raw form and then carving the data from Raw dump.

8. Mobile Phone Forensics:-

It mainly deals with the examination and analysis of mobile devices. It helps to retrieve phone and SIM contacts, call logs, incoming, and outgoing SMS/MMS, Audio, videos, etc.


Challenges faced by Digital Forensics

Here, are major challenges faced by the Digital Forensic:

  • The increase of PC’s and extensive use of internet access
  • Easy availability of hacking tools
  • Lack of physical evidence makes prosecution difficult.
  • The large amount of storage space into Terabytes that makes this investigation job difficult.
  • Any technological changes require an upgrade or changes to solutions.

Advantages of Digital forensics
Here, are pros/benefits of Digital forensics
  • To ensure the integrity of the computer system.
  • To produce evidence in the court, which can lead to the punishment of the culprit.
  • It helps the companies to capture important information if their computer systems or networks are compromised.
  • Efficiently tracks down cybercriminals from anywhere in the world.
  • Helps to protect the organization’s money and valuable time.
  • Allows to extract, process, and interpret the factual evidence, so it proves the cybercriminal action’s in the court.
Disadvantages of Digital Forensics
Here, are major cos/ drawbacks of using Digital Forensic
  • Digital evidence accepted into court. However, it is must be proved that there is no tampering
  • Producing electronic records and storing them is an extremely costly affair
  • Legal practitioners must have extensive computer knowledge
  • Need to produce authentic and convincing evidence
  • If the tool used for digital forensic is not according to specified standards, then in the court of law, the evidence can be disapproved by justice.
  • Lack of technical knowledge by the investigating officer might not offer the desired result

Comments

Post a Comment

Popular posts from this blog

OSINT Tool in Termux

Image
The Instagram OSINT Tool gets a range of information from an Instagram account that you normally wouldn't be able to get from just looking at their profile The information includes: [ profile ] : user id, followers / following, number of uploads, profile img URL, business enum, external URL, joined Recently, etc [ tags & mentions ] : most used hashtags and mentioned accounts [ email ] : if any email is used any where it'll be displayed [ posts ] : accessability caption, location, timestamp, caption, picture url, etc ( yet not working correctly with posts instagram marks as 'sensitive cotent' ) How To Install apt update && upgrade -y Pkg install git pkg install python3 git clone https://github.com/th3unkn0n/osi.ig.git && cd osi.ig python3 -m pip install -r requirements.txt Usage python3 main.py -u username
Read more

Active Directory Ransomware Attacks

Image
    Organizations worldwide use Active Directory (AD) as their primary identity service , which makes it a top target for ransomware attacks . This article explains how adversaries exploit Active Directory during ransomware attacks and provides strategies and tools for defending against this modern menace. The two phases of a ransomware attack A common misconception about ransomware attacks is that they are quick: Someone opens an infected email attachment or inserts an infected USB device , and within minutes data across the network is encrypted and a ransom demand is displayed on every screen . The reality is quite different. Ransomware attacks today tend to be quite sophisticated and methodical . To encrypt as much sensitive information as possible and therefore maximize the chances of receiving a high payout , attackers proceed in two phases: Find an entry point — The first step is to gain a foothold in the victim organization ’s network . One common strategy is to comp...
Read more

How to perform a Man-in-the-middle (MITM) attack with Kali Linux

Image
Learn how to perform a Man in the middle attack with arpspoof, driftnet and urlsnarf in Kali Linux In this article, you will learn how to perform a MITM attack to a device that's connected in the same Wi-Fi networks as yours. Requirements This article assumes that you know what is a network interface and you know to how to work with Kali Linux and the command line. Before starting, you will need to know the name of the Network interface (installed on your machine) and the IP of the router that provides Wi-Fi access. The Network Interface Name can be easily obtained as running the ifconfig command on a terminal, then from the list copy the name of the interface that you want to use. The IP of the router can be obtained executing ip route show on a terminal and a message like "default via [This is the router IP]". From the victim, you will only need the IP (the user needs to be connected to the network provided by the router). The process of obtaining the device IP of the v...
Read more