Top 10 Digital Forensics Techniques

Recovering data and investigating scams and hacking are serious and intricate jobs. Governments all over the world and multimillion-dollar credit card companies have hired digital forensics experts to look into cyber crimes. Here are just 10 techniques many forensics experts use.

1. Image Back-Up:

A detailed copy of the files on the computer's hard drive is made and used to examine the data, which prevents damage to the original drive. The backup captures both deleted and current files on the drive.

2. Packet Sniffing:

This involves sniffing data on the network and seeing whether the data sniffed has any meaning. Data includes user names and passwords, sent and received email, and any other data that comes through the network.

3. IP Address Tracing:

Every computer network is hooked up to an IP address. This address is what computers use to identify each other. Tracing an IP address tracks the person to the exact address in real life. IP address tracing may include a reverse address lookup.

4. Email Address Tracing:

Every email is sent through an IP address. IP addresses are always connected to some kind of address in the real world. You can trace an email by looking through its header.
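The header walk described above, as an added example that is not part of the original article: it reads the `Received` headers of a message oldest-first, pulls the bracketed IP address from each hop, and flags places where one hop's receiving host does not match the next hop's claimed sending host. The sample message, host names and addresses are constructed placeholders, and the function names are hypothetical.

```python
import email
import ipaddress
import re

# Constructed sample message; hosts and addresses are placeholders.
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [203.0.113.25])
\tby mailstore.recipient.example with ESMTP id abc123;
\tTue, 02 Jan 2024 10:00:05 +0000
Received: from relay.sender.example (relay.sender.example [198.51.100.7])
\tby mx.recipient.example with ESMTPS id def456;
\tTue, 02 Jan 2024 10:00:03 +0000
Received: from laptop (unknown [192.168.1.44])
\tby relay.sender.example with ESMTPSA id ghi789;
\tTue, 02 Jan 2024 10:00:01 +0000
From: alice@sender.example
To: bob@recipient.example
Subject: constructed example

body
"""

BRACKETED_IP = re.compile(r"\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]")

def trace_hops(raw_message):
    """Return Received hops oldest-first as (from_host, ip, by_host)."""
    msg = email.message_from_string(raw_message)
    hops = []
    # Each server prepends its header, so the last one listed is the oldest.
    for value in reversed(msg.get_all("Received", [])):
        text = " ".join(str(value).split())  # unfold continuation lines
        m_from = re.match(r"from\s+(\S+)", text)
        m_by = re.search(r"\bby\s+(\S+)", text)
        m_ip = BRACKETED_IP.search(text)
        try:
            ip = str(ipaddress.ip_address(m_ip.group(1))) if m_ip else None
        except ValueError:
            ip = None  # bracketed text was not a valid address
        hops.append((m_from.group(1) if m_from else None, ip,
                     m_by.group(1) if m_by else None))
    return hops

def chain_breaks(hops):
    """Indexes where a hop's 'by' host is not the next hop's 'from' host.
    The 'from' name is sender-claimed, so a break is a lead, not proof."""
    return [i for i in range(len(hops) - 1) if hops[i][2] != hops[i + 1][0]]
```

Only the headers added by servers the investigator trusts are reliable; anything older in the chain was supplied by the sending side and should be corroborated with server logs.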


5. Decryption:

Sometimes information is hidden in images, sounds and other files, where it is hard to catch. Decryption and steganalysis are needed to obtain the information from the files.

6. Drivespy:

The program uses DOS commands to work through the system under inquiry. It does not function in Windows.

7. TASK:

This shows you all the active processes on a computer in the network.

8. Norton Utilities:

These are good as preventative measures and can be used by anyone. However, if the virus is too severe, a digital forensics expert will need to get involved.

9. X-Ways:

This program specializes in disk cloning and imaging. It can also read partitions and file systems.

10. Pictures:

Pictures need to be taken inside and outside of the computer. Digital forensics specialists need to examine the number of drives, recreate the setup, and examine any peripherals.
