Digital Forensics in Information Security

Last Updated : 16 Jun, 2022

Digital forensics is a branch of forensic science that covers the identification, collection, analysis and reporting of valuable digital information found on digital devices in connection with computer crimes, as part of an investigation. In simple words, digital forensics is the process of identifying, preserving, analyzing and presenting digital evidence. The first computer crimes were recognized in the 1978 Florida Computers Act, and after this the field of digital forensics grew quickly in the late 1980s-90s. Its areas of analysis include storage media, hardware, operating systems, networks and applications. At a high level it consists of 5 steps:

  1. Identification of evidence: Identifying the evidence related to the digital crime in storage media, hardware, operating systems, networks and/or applications. It is the most important and basic step.
  2. Collection: Preserving the digital evidence identified in the first step so that it does not degrade or vanish with time. Preserving digital evidence is crucial.
  3. Analysis: Analyzing the collected digital evidence of the committed computer crime in order to trace the criminal and the possible path used to breach the system.
  4. Documentation: Properly documenting the whole digital investigation, the digital evidence, the loopholes of the attacked system and so on, so that the case can be studied and analysed in the future and presented in court in a proper format.
  5. Presentation: Presenting all the digital evidence and documentation in court in order to prove the digital crime committed and identify the criminal.
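The Collection and Documentation steps can be illustrated with a small integrity check. This is an added example, not code from the original article: it assumes cryptographic hashing (SHA-256) as the way to show that collected items did not change between collection and analysis, and the function names, file names and collector id are hypothetical.

```python
import hashlib, os, tempfile
from datetime import datetime, timezone

def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(1 << 20), b""):
            h.update(block)
    return h.hexdigest()

def walk(evidence_dir):
    """Yield (relative path, absolute path) for every file under evidence_dir."""
    for root, _dirs, files in os.walk(evidence_dir):
        for name in files:
            path = os.path.join(root, name)
            yield os.path.relpath(path, evidence_dir), path

def collect(evidence_dir, collector):
    """Collection + documentation: hash every item, record who collected it and when."""
    return {"collector": collector,
            "collected_at": datetime.now(timezone.utc).isoformat(),
            "items": {rel: sha256_file(p) for rel, p in walk(evidence_dir)}}

def verify(evidence_dir, manifest):
    """Before analysis: list items that changed, vanished or appeared since collection."""
    current = {rel: sha256_file(p) for rel, p in walk(evidence_dir)}
    recorded = manifest["items"]
    return {"modified": sorted(r for r in recorded
                               if r in current and current[r] != recorded[r]),
            "missing": sorted(set(recorded) - set(current)),
            "unexpected": sorted(set(current) - set(recorded))}

def demo():
    """Constructed sample evidence: two files are collected, then altered."""
    with tempfile.TemporaryDirectory() as d:
        os.mkdir(os.path.join(d, "disk"))
        samples = {"auth.log": b"login ok\n",
                   os.path.join("disk", "notes.txt"): b"draft\n"}
        for rel, data in samples.items():
            with open(os.path.join(d, rel), "wb") as f:
                f.write(data)
        manifest = collect(d, collector="examiner-01")  # hypothetical collector id
        clean = verify(d, manifest)
        with open(os.path.join(d, "auth.log"), "ab") as f:  # evidence altered
            f.write(b"login failed\n")
        os.remove(os.path.join(d, "disk", "notes.txt"))     # evidence vanished
        with open(os.path.join(d, "new.bin"), "wb") as f:   # item not in manifest
            f.write(b"\x00")
        return clean, verify(d, manifest)

if __name__ == "__main__":
    print(demo())
```

In practice the manifest would be stored separately from the evidence so that a change to the evidence cannot also rewrite the recorded hashes.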

Branches of Digital Forensics:

  • Media forensics: The branch of digital forensics that covers the identification, collection, analysis and presentation of audio, video and image evidence during the investigation process.
  • Cyber forensics: The branch of digital forensics that covers the identification, collection, analysis and presentation of digital evidence during the investigation of a cyber crime.
  • Mobile forensics: The branch of digital forensics that covers the identification, collection, analysis and presentation of digital evidence during the investigation of a crime committed through a mobile device such as a mobile phone, GPS device, tablet or laptop.
  • Software forensics: The branch of digital forensics that covers the identification, collection, analysis and presentation of digital evidence during the investigation of a crime related to software only.
