Digital Forensics

 






What Role Does Digital Forensics Play In A Criminal Investigation?


Name
Institutional Affiliation









Digital Forensics
          While the purpose of digital evidence has not actually changed in the criminal investigation, the capacity with which this evidence is collected has been revolutionalized by the introduction of digital forensics. Digital forensics has been defined as examination and uncovering of digital evidence which is located in electronic and computer networks including mobile phones, computers, and networks. The main purpose of this digital forensics is associated with examining devices which are used to commit such crimes and those devices which contain evidence. The electronic devices store user information, which allows forensic analysts to recover this information. In most events, these devices record time, location and date information. This digital forensic become widely respected and accepted in criminal cases. This essay seeks to unearth, discuss and analyze the role does digital forensics in a criminal investigation.
Computer or Digital forensics has always become indispensable especially in convicting criminals such as sexual predators, terrorist as well as murderers. Most of the terrorist organizations use computer networks and internet to recruit new members while sex predators normally lure their targets over the social networking sites by stalking on their prey. However, most of these criminals fail to evade or cover their tracks especially with using technology in implementing their fraud or crime. They also fail to realize that most computer data and files always remain on its hard drive even after being deleted hence allowing digital investigators to track their activity accurately. Even with deletion of the data which is incriminating, the information remains is a form digital binary because of ‘data remanence’ (Kanelis, 2007). File deletion can rename a file and also hide it from the main user making it easy to retrieve original folder.
Murder, theft, rape, terrorism, extortion, bank robbery plans and even account hackings always leave a trail or devastating mark on their victims. Most often it becomes impossible to identify a digital perpetrator without technology and forensic science (Rynearson, 2007). This technology allows forensic investigators unmask most secrets of crime site. The evidence gathered helps identify murder weapon, the guilty party as well as the identity of the victim. This technology aids forensic experts to have faster and better access to the accumulated data. It also provides accurate details in the identification of delinquents as well as reducing the possibility of mistaken accusations.
The ubiquity of computer devices means that most digital evidence can be present in nearly all crimes. This further offers unique opportunities for forensic investigations. However, most of the proliferation of digital devices is increasing the demand for cyber and digital techniques. This is compounded by the rise and growth in data storage capacity and devices hence adding it to forensic workloads. Intelligence and Law enforcement agencies undertake a lot of digital forensic analyses. These always provide evidence and trail of criminality by exposing tracks and plans for a digital terror attack, exonerating suspects by corroborating with an alibi as well as aiding in investigations (Shinder, 2008). Corporations can also use the digital forensics in their internal investigations such as examining fraud and security breach.
  Nonetheless, computerized databases allow some law enforcement officers search the ‘footwear database’ for vital information on evidence which links the footprint to evidence from other crime sites ( (Mark, 2007). This national footwear database also allows investigating officer to collect evidence on the accused at a faster rate. One of the commonly used forms of identification is fingerprints, and most corporations have adopted this technique to prevent fraud (Linkel, 2008).
Cracking data which is encrypted in most of digital devices and cloud has been enhanced by the tools such as decryption algorithms (Spanford, 2013). An investigator can crack most of these encrypted data by use of a password and private key as well as access the device by brute force. The investigators can also use equipment’s to interference or jam a remote access of digital device in use and obtain encryption keys as well as passwords. Hacking exploits these vulnerabilities which could otherwise be used for criminal or legal purposes. Most of the privacy campaigners have developed their concerns based on the integrity of the digital evidence from such device which has been affected by equipment interference (Ashcroft, 2011).
With the advancement of technology, people embrace the use of cell phones, computers, and digital devices. Digital and cyber forensic experts can normally use these devices in turn in finding traces of evidence in a crime. Global Positioning System which is embedded in most satellite navigation and smartphone systems also aid digital forensics by tracking the exact location of digital footprint source (Doherty, 2009).
The role of digital forensics has been compounded by its response to cybercrimes by collecting digital evidence which is related to these criminal cases. They use methods scientifically proven in collecting, preserving, analyzing and validating the digital evidence suitable in a criminal case (Garfinkel, 2013). This digital evidence always comes in various types and forms such as video, audio files, internet browsing history, email conversation logs and documents (Shinder, (Casey, 2013) 2008). This digital evidence which is collected becomes vital in providing some supporting evidence to the charges mainly against the suspect. Such kind of evidence needs to be carefully evaluated for its accuracy and reliability since they are key factors which can lead to uncertainty especially in probative stages of the cyber-crime investigation.
Moreover, digital evidence can be fabricated towards implicating other parties as well as misdirecting some investigators away. These criminals always hide, destroy and encrypt proof from the internet sources and computer storage by use of utility and shareware software. Hence, forensic investigators are required to conduct thorough investigations into the time and origin of events as well as figuring out how it happened, what transpired and when did it happen as well as who was directly involved (Casey, 2013). 
With these digital forensics, the investigators always follow a set standard which involves isolation of computers to avoid contamination, maintaining a digital copy of storage materials and keeping it in a safe facility to maintain its pristine condition. The best places to get these digital pieces of evidence are intrusion detection systems where information which is collected is analyzed mainly from computer network sources while the system shows results of intrusion and misuse (Garfinkel, 2013). There are people with evil and poor motivation who always seek to disrupt government and business as well as exploiting vulnerabilities in the digital universe. Law enforces hence use digital forensic in battling against these cybercrimes by tracking down terrorists,  stalkers, hackers and cyber fraudsters (Garlfinkel, 2013).This digital evidence sometimes needs forensic tools to retrieve it as it involves deleted files as well as other data fragments found in slack spaces. Tools such as Encase Forensic, OS Forensic, and ProDiscover provide the specialists with efficiency in extracting data and files (Reilly, 2011).
While digital investigators exploit the computer network and systems glitches to gather evidence, some technological limitations can always compromise this computer search. Common protocols especially when handling a cell phone found in a crime site is always to turn its power off. This is always to preserve battery on the phone’s content. Although powering it off can have other consequences as causing downloaded files to be corrupted or having some being lost. With the new technology, digital forensics has adopted a technology which shields the device from actually connecting to mobile carrier’s network. A radio frequency shielded test kind of enclosure boxes always help keep these signal at bay (Casey, 2013).The use of Faraday bag with conductive mesh isolates these mobile devices. These allow the investigators transport the devices to forensic labs while the mobile devices are still turned on.
Most of the challenges within digital forensics are vague legal procedures since most laws always vary from country to country. Even with a search warrant, some evidence can still be suppressed when such forensic methods do not follow the required legal steps. With such inconsistencies and many boundaries in the legal system, it’s quite difficult for forensic investigators to accurately mine the evidence (Liebesfed, 2007). Different national and state legal system still plagues digital forensics. For example when an Estonian citizen was finally charged with digital crimes I the year 2007, Russia, in turn, refused to give Legal Corporation since it had not ratified computer crime laws (Ashcroft, 2011). This made Russia a victim of severe DDOS attacks mainly for lack of its cooperation
In addition to this faulty legal system, some technical hiccups such as accessibility to the advanced technology can be afflicting the digital forensics. With the growth of computer and digital systems, criminals can also abuse the digital systems to commit terrorism, sexual harassment and software theft. Stalkers can also abuse Tor project which is an anonymizing kind of tool for cybercrimes actually to hide their own identities when carrying out their activities. This technology is too advanced for computer trail. As these digital encryption programs keep on growing stronger, forensic investigators need to advance their techniques of decoding the digital evidence (Rynearson, 2007).
Increasing use and adoption of cloud computing which involves the shared computing resources like software, processing, and storage present a great challenge to the forensic practitioners. This is because information and data can change and data can be deleted by another user hence overwriting the other. User’s activity and data records are unlikely to be held in these devices making the device unlikely to yield more evidence. Some victims are also aware of such techniques as hiding their tracks and digital activity. The use anti-forensic techniques which leave trails and trace that can alert these forensic investigators to missing traces of evidence (Swartz, 2007). They adopt the use of encrypted storage with many passwords hence leading to various sections of the digital drive. They also change times and dates associated with various files towards stopping investigators from building such reliable timestamp of events.
In summary, the rapid change and pace of technology, in turn, presents a key challenge to most digital forensic practitioners. New operating system, hardware, and applications need to be researched further on how to reliably get information of such forensic value.    Large volumes of information which are mainly stored on devices make it quite difficult to for prosecutors and investigators fulfill their main obligations under Investigations and criminal act.
In conclusion, the role of digital forensics has been on extracting, reporting and analyzing the digital evidence or information which are extracted legally from network logs, computer storage in such a way it’s able to provide reliability and accuracy on the digital footprints and evidence collected. Computer and internet systems often store some valuable personal and corporate confidential information making it an invaluable tool for personal and private use, the computer networks also provide such convenient processing services and data access making it a natural target for cybercriminal proxies and organizations. According to Kanelis, cybercriminals are people who abuse internet mainly for their benefits and extortion as child pornography, fraud, identity theft and pirated music.




















References


Ashcroft. (2011). Electronic Crime scene Investigation. U.S Department of Justice.
Casey. (2013, Jan 12). Computer forensics in crime. Retrieved from https://graduate.norwich.edu/resources-msisa/articles-msisa/role-of-computer-forensics-in-crime/
Doherty, E. &. (2009). Digital Camera Forensics. Security: Solutions For Enterprise Security Leaders. 46(6), 48-49.
Garfinkel, S. L. (2013). Digital Forensics. American Scientist, . 101(5), 370-377.
Kanelis, P. &. (2007). Digital Crime and Forensic science in cyberspace. Hershey PA: Idea Group Inc.
Liebesfed, D. &. (2007). Digital camera Forensic security: solutions for enterprise security Leaders.
Linkel, M. (2008, March). computer forensics in criminal investigators. Retrieved from -http://resources.infosecinstitute.com/computer-crime-investigation-using-forensic-tools-and-technology/#gref
Mark, L. (2007). Forensics Foreshadowing: Digital evidence as for today's DNA. Minnesota Lawyer (Minneapolis, MN).
R, C. (2011). Issues in digital cyber crime. Chicago: Britannica.
Reilly. (2011). Forensic challenges. Retrieved from https://www.ncjrs.gov/pdffiles1 /NIJ/grants/ 248770.pdf.
Rynearson. (2007). Evidence and crime scene Resonstruction. National crime investigation.
Shinder. (2008). The scene of cybercrime. Retrieved from http://dujs.dartmouth.edu/2013/03/ computer-forensics-in-criminal-investigations/#.WrwQhJPwZBw. 
Spanford, C. &. (2013). Uncertainty and loss of digital evidence.
Swartz, C. S. (2007). Understanding Digital Cinema. Professional Handbook.













References

Ashcroft. (2011). Electronic Crime scene Investigation. U.S Department of Justice.
Casey. (2013). Digitak evidence and computer crime. London: Academic Press.
Garfinkel. (2013). Digital forensics. American scientis.
Garlfinkel. (2010). Digital forensics research. Digital investigations.
Kanelis, P. &. (2007). Digital Crime and Forensic science in cyberspace. Hershey PA: Idea Group Inc.
Liebesfed, D. &. (2007). Digital camera Forensic security: solutions for enterprise security Leaders.
Mark. (2013). Forensics Foreshadowing: digital evidence as for today's DNA.
R, C. (2011). Issues in digital cyber crime. Chicago: Britannica.
Reilly. (2011). Forensic challenges.
Rynearson. (2007). Evidence and crime scene Resonstruction. National crime investigation.
Shinder. (2008). The scene of cybercrime. Academic Press. 
Spanford, C. &. (2013). Uncertainty and loss of digital evidence.
Swartz, C. S. (2007). Understanding Digital Cinema. Professional Handbook.