Digital Forensics Portfolio: Cybercrime Investigation Analysis
VerifiedAdded on  2022/08/25
|10
|2487
|20
Portfolio
AI Summary
This Digital Forensics Portfolio delves into the core aspects of cybercrime investigation, digital evidence, and data acquisition. It begins by outlining the challenges and issues influencing cybercrime investigations, including time constraints, victim involvement, and technological limitations. The portfolio then explores adapting digital forensic practices to various contexts, emphasizing the importance of standardization and the use of specific equipment, as well as the skills needed to conduct digital evidence. It also discusses the phases of digital forensic investigations, including data collection and acquisition. The portfolio highlights the importance of logical disk to disk file copy, and the need for expertise to analyze the data gathered. Finally, it includes a personal reflection on the author's experiences with data acquisition and its critical evaluation. The portfolio also discusses the importance of expertise, and the importance of training sessions for experts to enhance their digital skills.
Running head: DIGITAL FORENSICS PORTFOLIO
Digital Forensics Portfolio
Name of the Student
Name of the University
Author Note
Digital Forensics Portfolio
Name of the Student
Name of the University
Author Note
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
1DIGITAL FORENSICS PORTFOLIO
Table of Contents
Introduction................................................................................................................................2
Task 1: Issues that influence the investigation of cybercrimes and current technological
issues in digital forensics.......................................................................................................2
Task 2: Adapting digital forensic practices to multiple contexts and conducting digital
evidence..................................................................................................................................5
Task 3: Personal Reflection...................................................................................................6
References..................................................................................................................................7
Table of Contents
Introduction................................................................................................................................2
Task 1: Issues that influence the investigation of cybercrimes and current technological
issues in digital forensics.......................................................................................................2
Task 2: Adapting digital forensic practices to multiple contexts and conducting digital
evidence..................................................................................................................................5
Task 3: Personal Reflection...................................................................................................6
References..................................................................................................................................7
2DIGITAL FORENSICS PORTFOLIO
Introduction
The concept of Digital Forensics has been regarded as a process by which the
computer evidences preserved, identified, extracted and documented in such a way that these
can later be put under jurisdiction to be represented at court in time of need. Digital forensics
has the ability to track the utilization of digital media from different accessible areas like the
mobile phones, computers, servers or even within a network. The digital forensics are
legalized works carried out by the court of law and a dedicated team that usually works for
finding out evidences of digital use through the resources as mentioned as above (Horsman
2019). This is why, the following report would represent the activities following the digital
forensics procedures and how there are issues that surround these procedures. There would be
detailed discussions about the issues that usually influence the investigation of cybercrimes
and the current technological issues that arise with digital forensics. It would also describe
the adaptations of the forensic practises within multiple contexts for conducting the digital
evidences. In the end, there would be a personal reflection that would describe the learning
and gathering achieved through the entire module.
Task 1: Issues that influence the investigation of cybercrimes and current
technological issues in digital forensics
The application of digital forensics is mostly done to investigate a cybercrime.
However, this is not suggestively as easier as it seems. The cybercrime investigations are
mostly conducted by the group of people identified as First Respondents (Chernyshev et al.
2018). These are the people associated with the law enforcement and mostly belong to the
military police officers’ group, the private investigators, the information technology
specialists or the employees within a workforce who are abiding the law for the cybersecurity
enforcements. The entire process of conducting a digital forensic to investigate a cybercrime
Introduction
The concept of Digital Forensics has been regarded as a process by which the
computer evidences preserved, identified, extracted and documented in such a way that these
can later be put under jurisdiction to be represented at court in time of need. Digital forensics
has the ability to track the utilization of digital media from different accessible areas like the
mobile phones, computers, servers or even within a network. The digital forensics are
legalized works carried out by the court of law and a dedicated team that usually works for
finding out evidences of digital use through the resources as mentioned as above (Horsman
2019). This is why, the following report would represent the activities following the digital
forensics procedures and how there are issues that surround these procedures. There would be
detailed discussions about the issues that usually influence the investigation of cybercrimes
and the current technological issues that arise with digital forensics. It would also describe
the adaptations of the forensic practises within multiple contexts for conducting the digital
evidences. In the end, there would be a personal reflection that would describe the learning
and gathering achieved through the entire module.
Task 1: Issues that influence the investigation of cybercrimes and current
technological issues in digital forensics
The application of digital forensics is mostly done to investigate a cybercrime.
However, this is not suggestively as easier as it seems. The cybercrime investigations are
mostly conducted by the group of people identified as First Respondents (Chernyshev et al.
2018). These are the people associated with the law enforcement and mostly belong to the
military police officers’ group, the private investigators, the information technology
specialists or the employees within a workforce who are abiding the law for the cybersecurity
enforcements. The entire process of conducting a digital forensic to investigate a cybercrime
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
3DIGITAL FORENSICS PORTFOLIO
has several issues to begin with. Mostly, the issues that are faced for the conduction of the
digital forensics for investigating a cybercrime would be described as below:
ï‚· The issue about investing time: The investment of time in the detection of
cybercrimes and also for the most traditional set of crime investigations have
the capability of bringing about the unique challenges. The investigations do
not require investments of time before and this is why, the entire investigation
finally leads to the criminal (Arshad, Jantan and Abiodun 2018). However,
there might even be cases where the entire scenario does not lead to any
arresting of the criminals, even after the investment of a certain amount of
time. Then, there are several cases where the estimated time might lead to a
span of several months, leading to no such clarified result or to the point
where there are no criminals arrested. Such concepts lead to investment of
time and money with no results, thus leading to the occurrences of wastage of
resources.
ï‚· The working with the victims: The investigation of a digital forensic case for
any problem might also lead to potential investigation involving the victims of
the cybercrime (Chernyshev et al. 2018). There are several cases where the
victims of the cybercrimes are psychologically unable to invest themselves
into the recalling of the attacks once again. This is a severe case as they still
become invested in the trauma and do not want to involve themselves to recall
the memories again. The analytical investigation does not house for the
psychological inabilities of the victims and this leads to the further issues in
collecting the required data during the investigation of the cybercrimes.
ï‚· The timeline of investigation workflow: The prosecution of the cybercrimes
usually happens horizontally during the occurrences of the investigation
has several issues to begin with. Mostly, the issues that are faced for the conduction of the
digital forensics for investigating a cybercrime would be described as below:
ï‚· The issue about investing time: The investment of time in the detection of
cybercrimes and also for the most traditional set of crime investigations have
the capability of bringing about the unique challenges. The investigations do
not require investments of time before and this is why, the entire investigation
finally leads to the criminal (Arshad, Jantan and Abiodun 2018). However,
there might even be cases where the entire scenario does not lead to any
arresting of the criminals, even after the investment of a certain amount of
time. Then, there are several cases where the estimated time might lead to a
span of several months, leading to no such clarified result or to the point
where there are no criminals arrested. Such concepts lead to investment of
time and money with no results, thus leading to the occurrences of wastage of
resources.
ï‚· The working with the victims: The investigation of a digital forensic case for
any problem might also lead to potential investigation involving the victims of
the cybercrime (Chernyshev et al. 2018). There are several cases where the
victims of the cybercrimes are psychologically unable to invest themselves
into the recalling of the attacks once again. This is a severe case as they still
become invested in the trauma and do not want to involve themselves to recall
the memories again. The analytical investigation does not house for the
psychological inabilities of the victims and this leads to the further issues in
collecting the required data during the investigation of the cybercrimes.
ï‚· The timeline of investigation workflow: The prosecution of the cybercrimes
usually happens horizontally during the occurrences of the investigation
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
4DIGITAL FORENSICS PORTFOLIO
procedure. On the other hand, the investigation and prosecution at the same
time belongs to the mixture procedure for both horizontal and vertical
procedures that usually depends on the availability and dependency of
expertise and technology. Therefore, the cybercrimes usually do not occur
sequentially or even do not support information flow one after another.
Therefore, it is likely that the specialized cybercrimes do not have the
sequential handling of events.
ï‚· The availability of technology and expertise: The technical approaches that
are taken for advancing to the solution of investigating cybercrimes often are
found to be making the procedure extremely difficult and nearly impossible
due to the nature of the technological availabilities. Only the prosecutors who
are involved within the handling of the cybercrime are involved in this. No
other person can be involved in this procedure (Conti et al. 2018). Moreover,
the occurrences of cybercrimes are such that they can even be automated
unlike any traditional crime occurrences. The law enforcements are thus
naturally forced to apply their prioritizations according to the nature of the law
or even by the severity of it. During this time, the availability of technological
skills and resources are the most affected of the investigation procedures as
they are found to be the most difficult ones.
These are the issues and challenges that the people in the investigation group for
forensics face every now and then during the time of a severe cybercrime investigation.
Task 2: Adapting digital forensic practices to multiple contexts and conducting
digital evidence
The International Organization for Standardization or the ISO is a non-governmental
organization that decide on the natural practises that should be taken for the standardization
procedure. On the other hand, the investigation and prosecution at the same
time belongs to the mixture procedure for both horizontal and vertical
procedures that usually depends on the availability and dependency of
expertise and technology. Therefore, the cybercrimes usually do not occur
sequentially or even do not support information flow one after another.
Therefore, it is likely that the specialized cybercrimes do not have the
sequential handling of events.
ï‚· The availability of technology and expertise: The technical approaches that
are taken for advancing to the solution of investigating cybercrimes often are
found to be making the procedure extremely difficult and nearly impossible
due to the nature of the technological availabilities. Only the prosecutors who
are involved within the handling of the cybercrime are involved in this. No
other person can be involved in this procedure (Conti et al. 2018). Moreover,
the occurrences of cybercrimes are such that they can even be automated
unlike any traditional crime occurrences. The law enforcements are thus
naturally forced to apply their prioritizations according to the nature of the law
or even by the severity of it. During this time, the availability of technological
skills and resources are the most affected of the investigation procedures as
they are found to be the most difficult ones.
These are the issues and challenges that the people in the investigation group for
forensics face every now and then during the time of a severe cybercrime investigation.
Task 2: Adapting digital forensic practices to multiple contexts and conducting
digital evidence
The International Organization for Standardization or the ISO is a non-governmental
organization that decide on the natural practises that should be taken for the standardization
5DIGITAL FORENSICS PORTFOLIO
for the conduction of digital forensic investigations. These standardization for the following
up for the investigation practises are the rules that should be taken in for the accounting of
digital investigations. The phases of these practises involve the valuation for the digital
forensics. There are several phases that should be taken into account. The phases involve the
collection of all the digital devices that should be following up the potential containing of the
data involving the scenario (Maina 2017). The evidentiary value of these devices is the most
as they have the links to all the data incoming and outgoing through the networks used to
either send the information or receive them. The devices must be traversed back to the
forensic laboratories or any other required facility as they are required to be have an
acquisition of the analysis for the digital evidences to be collected. This process is mentioned
in the terms of cyber investigation as the static acquisition.
There are incidents where it has been found that the utilization of the procedures for
static acquisition are halted as there are several cases where the process is either haltered or
they are unfeasible. Therefore, in such situations, the procedure for live acquisition is
required. This is the phase where the data is collected from the critical infrastructures and
these systems cannot be powered down because they need to be accessible all the time (Samy
et al. 2017). The volatile and non-volatile data is thus collected form these sources of live
running systems. However, there are chances that the live acquisition technique can sometime
prove to be interfering with the normal functions for the control systems of the otherwise
industrial activities that the running devices offer. These cases can be problematic for such
situations for haltering the normal business purposes.
Digital Forensic Equipment and Cybercrime expertise: There are several cases
during cybercrime investigation that are found to be affecting the prosecution of the digital
forensics at the times of the ongoing investigations. Mostly several equipment is used for the
flawless investigation during the investigation procedure about the digital forensics that the
for the conduction of digital forensic investigations. These standardization for the following
up for the investigation practises are the rules that should be taken in for the accounting of
digital investigations. The phases of these practises involve the valuation for the digital
forensics. There are several phases that should be taken into account. The phases involve the
collection of all the digital devices that should be following up the potential containing of the
data involving the scenario (Maina 2017). The evidentiary value of these devices is the most
as they have the links to all the data incoming and outgoing through the networks used to
either send the information or receive them. The devices must be traversed back to the
forensic laboratories or any other required facility as they are required to be have an
acquisition of the analysis for the digital evidences to be collected. This process is mentioned
in the terms of cyber investigation as the static acquisition.
There are incidents where it has been found that the utilization of the procedures for
static acquisition are halted as there are several cases where the process is either haltered or
they are unfeasible. Therefore, in such situations, the procedure for live acquisition is
required. This is the phase where the data is collected from the critical infrastructures and
these systems cannot be powered down because they need to be accessible all the time (Samy
et al. 2017). The volatile and non-volatile data is thus collected form these sources of live
running systems. However, there are chances that the live acquisition technique can sometime
prove to be interfering with the normal functions for the control systems of the otherwise
industrial activities that the running devices offer. These cases can be problematic for such
situations for haltering the normal business purposes.
Digital Forensic Equipment and Cybercrime expertise: There are several cases
during cybercrime investigation that are found to be affecting the prosecution of the digital
forensics at the times of the ongoing investigations. Mostly several equipment is used for the
flawless investigation during the investigation procedure about the digital forensics that the
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
6DIGITAL FORENSICS PORTFOLIO
law enforcement offices usually lack (Marshall 2018). The tools, accessories, laboratories for
the computers, the recording devices and even storage materials are some of the basic
requirements for the proper investigation of cybercrimes. However, it is often found that the
technologies are often lacking in several law enforcement centres (Pandey et al. 2020). On
the other hands, the experts that are usually conducting the cybercrimes are found to be not
that expertise enough. They are often the people who are hired by the managers and they are
working as full time employees. Mostly, these people are hired because the experts are
resigning at the go as the managers hiring them become unable to meet the needs of the
employees at the right point of time. They need to adapt to their expertise and skills required
for the proper conduction of the requirements to be met for the proper adaptation of carrying
out step by step digital investigation for finding out evidences of the cybercrime. If required,
training sessions can be arranged for the experts to enhance their digital skills.
Task 3: Personal Reflection
The process of data collection and acquisition in digital forensics and my
representation of personal reflection in the subjects would be describe in this section where
my personal opinion on the explanation of the method evaluation of the method and the
personal experiences would be shared. The personal experiences about data collection and
acquisition in digital forensics is gathered with the help of the investigations that I have done
so far in my career. I would represent how the investigation that I have done so far has
reflected on my theoretical idea of data collection and acquisition in digital forensics. The
reflection with personal evaluation and experiences would be discussed in details as below:
Description/ explanation of method: The process of accusation that I particularly
follow is the logical disk to disk file copy compared to the other three methods of acquiring
digital data for evidence. Out of the three other procedures of disk to disk copy, disc image
file, and spares data copy of a file or folder, I prefer the logical disk to disk file copy because
law enforcement offices usually lack (Marshall 2018). The tools, accessories, laboratories for
the computers, the recording devices and even storage materials are some of the basic
requirements for the proper investigation of cybercrimes. However, it is often found that the
technologies are often lacking in several law enforcement centres (Pandey et al. 2020). On
the other hands, the experts that are usually conducting the cybercrimes are found to be not
that expertise enough. They are often the people who are hired by the managers and they are
working as full time employees. Mostly, these people are hired because the experts are
resigning at the go as the managers hiring them become unable to meet the needs of the
employees at the right point of time. They need to adapt to their expertise and skills required
for the proper conduction of the requirements to be met for the proper adaptation of carrying
out step by step digital investigation for finding out evidences of the cybercrime. If required,
training sessions can be arranged for the experts to enhance their digital skills.
Task 3: Personal Reflection
The process of data collection and acquisition in digital forensics and my
representation of personal reflection in the subjects would be describe in this section where
my personal opinion on the explanation of the method evaluation of the method and the
personal experiences would be shared. The personal experiences about data collection and
acquisition in digital forensics is gathered with the help of the investigations that I have done
so far in my career. I would represent how the investigation that I have done so far has
reflected on my theoretical idea of data collection and acquisition in digital forensics. The
reflection with personal evaluation and experiences would be discussed in details as below:
Description/ explanation of method: The process of accusation that I particularly
follow is the logical disk to disk file copy compared to the other three methods of acquiring
digital data for evidence. Out of the three other procedures of disk to disk copy, disc image
file, and spares data copy of a file or folder, I prefer the logical disk to disk file copy because
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
7DIGITAL FORENSICS PORTFOLIO
the well preserved evidence to present in the court proceeding can only be acquired if the
acquisition of data is done with the help of logical disk to disk file. I mostly align it up with
live data acquisition so that the retrieve of the digital device is readily available directly from
normal interface. Simply, switching a computer on and running the programs from the
operating system is possible with the help of live accusation of data which I usually a line
with the logical disk to disk file acquisition format.
Reflection on experience/ critical evaluation of method: The procedure of data
acquisition in Digital forensic with the help of logical disk to disk acquisition for data
retrieval raises the integrity of the evidence and also identify the standardization for
complying with the order of volatility, which is a standardization that normally Digital
forensic investigators should obtain while maintaining the order of sequence of collecting
digital evidence. This is why the method is aligned with live data acquisition format to
maintain the sequence maintaining standardization.
Conclusion based on personal experience: According to the studies that have been
conducted in the above sections, I believe that data acquisition procedure of digital forensics
is extremely necessary to find out the occurrences of cybercrimes and the utilizations of the
devices of the victims to track the cybercriminals from the networks that they have used.
However, there are so many associated challenges along the lines of investigation for
collecting data that at several scenarios, the investigation might not be fruitful for bringing
about a positive investigation result. The issues that are associated with such cases usually
does not let the investigation occur and have an impact on the psychological minds of the
victims as well. The entire procedure is associated with the acquisition of data and
information, which forms the base of investigation. I believe, for this, as it is important to
have an infrastructure at the ready, it is more important to have experts for figuring out the
the well preserved evidence to present in the court proceeding can only be acquired if the
acquisition of data is done with the help of logical disk to disk file. I mostly align it up with
live data acquisition so that the retrieve of the digital device is readily available directly from
normal interface. Simply, switching a computer on and running the programs from the
operating system is possible with the help of live accusation of data which I usually a line
with the logical disk to disk file acquisition format.
Reflection on experience/ critical evaluation of method: The procedure of data
acquisition in Digital forensic with the help of logical disk to disk acquisition for data
retrieval raises the integrity of the evidence and also identify the standardization for
complying with the order of volatility, which is a standardization that normally Digital
forensic investigators should obtain while maintaining the order of sequence of collecting
digital evidence. This is why the method is aligned with live data acquisition format to
maintain the sequence maintaining standardization.
Conclusion based on personal experience: According to the studies that have been
conducted in the above sections, I believe that data acquisition procedure of digital forensics
is extremely necessary to find out the occurrences of cybercrimes and the utilizations of the
devices of the victims to track the cybercriminals from the networks that they have used.
However, there are so many associated challenges along the lines of investigation for
collecting data that at several scenarios, the investigation might not be fruitful for bringing
about a positive investigation result. The issues that are associated with such cases usually
does not let the investigation occur and have an impact on the psychological minds of the
victims as well. The entire procedure is associated with the acquisition of data and
information, which forms the base of investigation. I believe, for this, as it is important to
have an infrastructure at the ready, it is more important to have experts for figuring out the
8DIGITAL FORENSICS PORTFOLIO
data required. Without any of the investigating resources unavailable, the procedure for the
digital forensic investigation would be left unsolicited.
data required. Without any of the investigating resources unavailable, the procedure for the
digital forensic investigation would be left unsolicited.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
9DIGITAL FORENSICS PORTFOLIO
References
Arshad, H., Jantan, A.B. and Abiodun, O.I., 2018. Digital Forensics: Review of Issues in
Scientific Validation of Digital Evidence. Journal of Information Processing Systems, 14(2).
Chernyshev, M., Zeadally, S., Baig, Z. and Woodward, A., 2018. Internet of Things
forensics: the need, process models, and open issues. IT Professional, 20(3), pp.40-49.
Conti, M., Dehghantanha, A., Franke, K. and Watson, S., 2018. Internet of Things security
and forensics: Challenges and opportunities.
Horsman, G., 2019. Tool testing and reliability issues in the field of digital forensics. Digital
Investigation, 28, pp.163-175.
Maina, S., 2017. Digital Forensic Readiness in Organizations: Issues and Challenges. Journal
of Digital Forensics, Security and Law, 12(4), p.5.
Marshall, H., 2018. 6 Comparative perspectives on digital forensic technology. Emerging
and Advanced Technologies in Diverse Forensic Sciences, pp.81-101.
Pandey, A.K., Tripathi, A.K., Kapil, G., Singh, V., Khan, M.W., Agrawal, A., Kumar, R. and
Khan, R.A., 2020. Current Challenges of Digital Forensics in Cyber Security. In Critical
Concepts, Standards, and Techniques in Cyber Forensics (pp. 31-46). IGI Global.
Samy, G.N., Shanmugam, B., Maarop, N., Magalingam, P., Perumal, S. and Albakri, S.H.,
2017, April. Digital forensic challenges in the cloud computing environment. In International
Conference of Reliable Information and Communication Technology (pp. 669-676). Springer,
Cham.
References
Arshad, H., Jantan, A.B. and Abiodun, O.I., 2018. Digital Forensics: Review of Issues in
Scientific Validation of Digital Evidence. Journal of Information Processing Systems, 14(2).
Chernyshev, M., Zeadally, S., Baig, Z. and Woodward, A., 2018. Internet of Things
forensics: the need, process models, and open issues. IT Professional, 20(3), pp.40-49.
Conti, M., Dehghantanha, A., Franke, K. and Watson, S., 2018. Internet of Things security
and forensics: Challenges and opportunities.
Horsman, G., 2019. Tool testing and reliability issues in the field of digital forensics. Digital
Investigation, 28, pp.163-175.
Maina, S., 2017. Digital Forensic Readiness in Organizations: Issues and Challenges. Journal
of Digital Forensics, Security and Law, 12(4), p.5.
Marshall, H., 2018. 6 Comparative perspectives on digital forensic technology. Emerging
and Advanced Technologies in Diverse Forensic Sciences, pp.81-101.
Pandey, A.K., Tripathi, A.K., Kapil, G., Singh, V., Khan, M.W., Agrawal, A., Kumar, R. and
Khan, R.A., 2020. Current Challenges of Digital Forensics in Cyber Security. In Critical
Concepts, Standards, and Techniques in Cyber Forensics (pp. 31-46). IGI Global.
Samy, G.N., Shanmugam, B., Maarop, N., Magalingam, P., Perumal, S. and Albakri, S.H.,
2017, April. Digital forensic challenges in the cloud computing environment. In International
Conference of Reliable Information and Communication Technology (pp. 669-676). Springer,
Cham.
1 out of 10
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
 +13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2026 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.