DIGITAL FORENSICS

Discussions

File system analysis is done after data collection and data acquisition are done. It is executed after the data has been retrieved from the various digital devices and stored in specific files. I have learnt that a system of files in a computer is the manner in which files are named and then placed logically so that they can be stored and retrieved. It can be considered a database and can be called an index on storage devices such as hard disks, CDs, DVDs and many more (Hilgert, Lambertz and Plohmann 2017). I have learnt that there are various types of file systems. These include FAT file systems, FAT32 file systems, NTFS file systems and Ext file systems. I have known that there are various types of files. These include document files, images, executable files, Excel files, PowerPoint files, web page files and many more. These files are generally stored in the file systems, and from these files the investigators retrieve the data in order to investigate the crime.

I have learnt that there are various steps in file system analysis. These steps include acquisition, validation and discrimination, and lastly extraction. I have studied that acquisition means the investigators retrieve the data from the various digital devices that are recovered from the crime scene. This is done in four ways, as I have studied: disk-to-image, disk-to-disk, logical and sparse (Wani and Bhat 2018). Next, I have learnt about the validation and discrimination step. The investigators must validate the image before they analyse it, as this makes sure of the data integrity. I have known that the investigators use hashing algorithms in order to decide if a forensic image is a precise image of the original disk or volume. This validates the honesty of the evidence so that it can be provided in front of the court of law. The last step is the extraction.
I have learned that there are various types of data that are stored, such as unstructured and deleted data. It is the most important procedure of file system analysis. I had always understood that when data is deleted it is deleted forever, but after studying digital forensics I have learnt that after deletion some of the bits of the data remain in the clusters of the hard disk (Vandermeer et al. 2018). It is the job of the investigators to extract these data from the hard disk for a successful investigation. I have also learnt that criminals utilise various techniques such as encryption and steganography in order to hide data, but the investigators need to find these in order to retrieve the evidence.

There are various digital forensic tools, but among them the most important tool that I have seen and used is Autopsy. Autopsy evaluates major systems of files such as NTFS, FAT, FAT32 and many more by hashing all the files, extracting the archive files and putting various keywords in an index (Albanna and Riadi 2017). Some of the types of files are parsed and then catalogued. From here, I have concluded that the file system is very important in digital forensics and the investigators must analyse it properly with the various tools available in order to retrieve the information for a successful investigation.
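
The validation step described in the discussion above, shown as an added example that is not part of the original essay and is not code from Autopsy or any other tool. It goes slightly beyond the text by also hashing each block, so that a failed validation shows where the image differs; the 4096-byte block size, the function names and the sample bytes are assumptions made for illustration.

```python
import hashlib
import io

BLOCK = 4096  # assumed block size for piecewise hashing (hypothetical choice)


def hash_stream(stream, block=BLOCK):
    """Return (SHA-256 of the whole stream, list of per-block SHA-256 digests)."""
    whole, blocks = hashlib.sha256(), []
    while chunk := stream.read(block):
        whole.update(chunk)
        blocks.append(hashlib.sha256(chunk).hexdigest())
    return whole.hexdigest(), blocks


def acquisition_record(source, block=BLOCK):
    """Hashes recorded when the original disk or volume is acquired."""
    whole, blocks = hash_stream(source, block)
    return {"sha256": whole, "block_size": block, "blocks": blocks}


def verify_image(image, record):
    """Re-hash an image; return (exact_copy, byte offsets of differing blocks)."""
    size = record["block_size"]
    whole, blocks = hash_stream(image, size)
    expected = record["blocks"]
    differing = [
        i * size
        for i in range(max(len(blocks), len(expected)))
        if i >= len(blocks) or i >= len(expected) or blocks[i] != expected[i]
    ]
    return whole == record["sha256"], differing


def sample_disk(n_blocks=8):
    """Constructed sample bytes standing in for an acquired volume."""
    return bytes((i * 7 + i // BLOCK) % 256 for i in range(n_blocks * BLOCK))


if __name__ == "__main__":
    disk = sample_disk()
    record = acquisition_record(io.BytesIO(disk))
    altered = bytearray(disk)
    altered[5 * BLOCK + 10] ^= 0x01  # one flipped bit inside block 5
    print(verify_image(io.BytesIO(disk), record))            # exact copy
    print(verify_image(io.BytesIO(bytes(altered)), record))  # block 5 differs
    print(verify_image(io.BytesIO(disk[:-BLOCK]), record))   # last block missing
```

A single flipped bit changes the whole-image hash, which is why an image that fails this check cannot be treated as a precise copy of the original.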

References

Albanna, F. and Riadi, I., 2017. Forensic Analysis of Frozen Hard Drive Using Static Forensics Method. International Journal of Computer Science and Information Security (IJCSIS), 15(1).

Hilgert, J.N., Lambertz, M. and Plohmann, D., 2017. Extending The Sleuth Kit and its underlying model for pooled storage file system forensic analysis. Digital Investigation, 22, pp.S76-S85.

Vandermeer, Y., Le-Khac, N.A., Carthy, J. and Kechadi, T., 2018. Forensic analysis of the exFAT artefacts. arXiv preprint arXiv:1804.08653.

Wani, M.A. and Bhat, W.A., 2018. Dataset for forensic analysis of B-tree file system. Data in brief, 18, pp.2013-2018.