Digital forensics is essential in searching and analyzing large amounts of information during the legal process to obtain evidence used in legal cases of cyber-attacks. This paper aims to discuss theories, new developments, and commonalities of some articles on digital forensics and to offer recommendations to Wilmington University concerning digital forensics.
Predictions in Digital forensics research: The next ten years article
After discussing the Golden Age of digital forensics, the author made some predictions about the future of digital forensics. Garfinkel (2010) was correct in predicting that legal challenges will limit the scope of forensic investigations. Today legal issues are making computer forensics complicated, expensive, and time-consuming. For instance, it may be challenging to execute an international wiretap order in the global landscape since every region may have its own jurisdiction over cybercrimes, limiting investigators from working beyond borders or with their foreign counterparts (Garfinkel, 2010). Additionally, the author predicted that building operating systems and file formats would increase the demand for complex data exploitation tools and the cost of developing such tools. The complexity will require the adoption of standard tools for abstraction and modularization for forensic processing of user profiles, file metadata, application profiles, and the internet.
However, Garfinkel (2010) incorrectly predicted that “the growth in the size of storage devices would mean insufficient time for creating a forensic image of a suspect’s device or processing all data at once after obtaining them.” Today there are alternative analysis models to overcome this challenge. These models include stream-based disk forensics and prioritized and stochastic analysis (Garfinkel, 2010). For instance, stream-based disk forensics can process the entire disk image as a byte stream, reading from the beginning to the end, ensuring no data is left untouched on the disk.
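As an added illustration (not taken from Garfinkel's paper or from the original essay), the sketch below makes a single front-to-back pass over an image, computing a SHA-256 digest for integrity and locating file-header signatures even when they straddle chunk boundaries. The signature table, function names, and the 64-byte sample image are assumptions constructed for this example.

```python
import hashlib
import io

# Assumed signature table: a few well-known file-header magic bytes.
SIGNATURES = {
    "jpeg": b"\xff\xd8\xff",
    "pdf": b"%PDF-",
    "zip": b"PK\x03\x04",
}

def stream_scan(stream, chunk_size=4096):
    """Read the image once, start to end; return (sha256_hex, hits).

    hits is a sorted list of (absolute_offset, signature_name).
    """
    digest = hashlib.sha256()
    hits = set()                      # set: a match in the overlap is seen twice
    overlap = max(len(m) for m in SIGNATURES.values()) - 1
    tail = b""                        # last bytes of the previous window
    consumed = 0                      # bytes read before the current chunk
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        digest.update(chunk)          # every byte contributes to the hash
        window = tail + chunk
        base = consumed - len(tail)   # absolute offset of window[0]
        for name, magic in SIGNATURES.items():
            pos = window.find(magic)
            while pos != -1:
                hits.add((base + pos, name))
                pos = window.find(magic, pos + 1)
        tail = window[-overlap:]      # carry bytes that may start a split match
        consumed += len(chunk)
    return digest.hexdigest(), sorted(hits)

def build_sample_image():
    """Constructed 64-byte test image (not real evidence)."""
    img = bytearray(64)
    img[6:11] = b"%PDF-"              # straddles the boundary between 8-byte chunks
    img[30:33] = b"\xff\xd8\xff"      # also straddles a boundary
    img[40:44] = b"PK\x03\x04"
    return bytes(img)

if __name__ == "__main__":
    image = build_sample_image()
    sha256_hex, found = stream_scan(io.BytesIO(image), chunk_size=8)
    print(sha256_hex)
    for offset, name in found:
        print(f"{offset:#06x} {name}")
```

The same function accepts any binary file object, so an image opened with `open(path, "rb")` is processed in constant memory regardless of its size.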
Research other academic articles recently written in the last five (5) years. What new developments have occurred? What are some of the commonalities of the articles?
The first article: Analysis of Digital Forensic Tools
The article “Analysis of Digital Forensic Tools” focuses on new developments in digital tools for forensic data analysis and on the phases of digital forensics. Sachdeva et al. (2020) stated that digital forensics analysis follows five steps: “identification, acquisition, analysis, reporting, and presentation.” The authors called for live analysis to investigate the target host and recover the breached data. Some tools included X-Ways, TrueCrypt, SANS SIFT, Wireshark, Autopsy, Oxygen Forensics, and Hacker Combat (Sachdeva et al., 2020). These tools are critical in the execution stage to recover the destroyed data.
The second article: Emerging trends in Digital Forensic and Cyber Security- An Overview
The article “Emerging trends in Digital Forensic and Cyber security- An Overview” explores new dimensions of digital forensics and Internet of Things forensics. Also, it explains various steps such as identification, recovery, validation, and presentation of evidence in investigating digital crimes. Sharma et al. (2019) shed light on new dimensions of digital forensics, such as social media forensics, IoT forensics, malware, and cloud forensics. Besides, the authors described trending cyber-attacks in firms such as crypto mining attacks, ransomware attacks, and botnets.
Similarities in the two articles.
The two articles tend to focus on similar issues related to digital forensics. Both pieces discussed specific phases for digital forensic investigators in forensic processes. Besides, the articles examine new trends and advancements in digital forensics tools and types of cybercrimes targeted by investigators. For example, the first article discusses advanced digital forensic tools such as X-Ways, Wireshark, and Autopsy. Similarly, the second article focused on new digital forensics dimensions such as social media forensics, IoT forensics, and malware.
Recommendations for Wilmington University
Wilmington University is a potential cybercrime target as an institution handling digital operating systems. Thus, I would recommend the university enlighten its system operators about digital forensics. System managers should be aware of anti-forensics conditions that may complicate the forensic process by contaminating stages of investigation or destroying pieces of evidence. The university can adopt the Knowledge Acquisition in autOmated Specification or Keep All Objects Satisfied (KAOS) concept during a forensic situation to help formalize obstacles, responsibilities, goals and steps related to a forensic investigation (Aziz et al., 2013). Hence, the evidence collected would be authentic, believable, reliable, admissible, and complete. Additionally, the university should always consider digital forensic steps such as identification, collection, acquisition, examination, analysis and presentation of evidence (UNODC, 2019). Thus, the university will always run a successful digital forensic process.
In conclusion, digital forensics helps firms uncover facts related to activities on a computer system or other network devices. Thus, every organization should adopt digital forensics in their operating systems, follow the proper steps, and use up-to-date tools for effective cybercrime investigations.
Garfinkel, S. L. (2010). Digital forensics research: The next ten years. Digital Investigation, 7, S64-S73.
Sachdeva, S., Raina, B. L., & Sharma, A. (2020). Analysis of digital forensic tools. Journal of Computational and Theoretical Nanoscience, 17(6), 2459-2467.
Sharma, B. K., Joseph, M. A., Jacob, B., & Miranda, B. (2019). Emerging trends in a digital forensic and cyber security-an overview. 2019 Sixth HCT Information Technology Trends (ITT), 309-313.
Aziz, B., Blackwell, C., & Islam, S. (2013). A framework for digital forensics and investigations: The goal-driven approach. International Journal of Digital Crime and Forensics (IJDCF), 5(2), 1-22.
United Nations Office on Drugs and Crime (UNODC). (2019). Cybercrime Module 6 Key Issues: Handling of Digital Evidence. Unodc.org. Retrieved 26 July 2022, from https://www.unodc.org/e4j/en/cybercrime/module-6/key-issues/handling-of-digital-evidence.html.