Report on Collection and Acquisition in Digital Forensics - AI Module

Verified

Added on 2022/09/06

AI Summary

This report reflects on the processes of collection and acquisition within the field of digital forensics. It emphasizes the significance of these processes in preserving and analyzing digital data for legal and investigative purposes, highlighting the evolution of digital forensics from its early applications in financial crime to its current prevalence in various disputes involving computers and digital devices. The report details the different types of digital forensics, including computer, network, database, and mobile forensics, while focusing on collection and acquisition as primary components of the process. Collection involves identifying and transferring devices and related materials to a lab, whereas acquisition involves gathering digital evidence using methods such as disk-to-disk copy and sparse data acquisition. Furthermore, the report discusses the 'Order of Volatility' that examiners must follow during evidence collection and the importance of utilizing specific tools for acquisition and testing.

Running head: - COLLECTION AND ACQUISITION
COLLECTION AND ACQUISITION
Name of the Student
Name of the University
Author Note

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

1ARTIFICIAL INTELLIGENCE
Table of Contents
1. Reflection on Collection and Acquisition in digital forensics:..............................................2
2. References:.............................................................................................................................4

2ARTIFICIAL INTELLIGENCE
1. Reflection on Collection and Acquisition in digital forensics:
With the help of this module, I have learnt the fact that digital forensics refers to that
particular method of science that refers to preserving as well as analysing the data that is
present in digitalize form. The data that is gathered through this process can then be utilized
in variously existing court cases well as detection of crime for preventing the same. Digital
forensics had come into existence in the year of early 1970s and was specifically used as a
tool meant for fighting against the financial crime (Bates, Pohly and Butler 2016). In regards
to the present condition, computers as well as digital devices take the form of being an
integral part of the professional as well as the private lives, wherein the methods of digital
forensics are utilized in various disputes.
This method of digital forensic can be of the types of computer forensics, network
forensics, database forensics as well as mobile forensics. This particular procedure of digital
forensics have the inclusion of various processes among which, collection as well as
acquisition form a primary component of the process that deals with the purpose of collecting
data and then storing the same in a safe manner to now allow any other circumstances hamper
the same.
Collection refers to the identification procedure that is carried out where all the
devices that are identified shall be specifically transferred to the laboratory for carrying out
the next processes belonging to the method of analysis (Soltani and Seno 2017). Apart from
the existing devices, DEFR should also specifically carry out the analysis of any existing
materials that has a direct relation to the crime such as the likes of paper, glass hairs, notes or
might as well be other existing commodities of the same category. Every single thing or
commodity that belongs to the crime scene shall be collected to be analysed and then taken to
the detection center for future investigation and reports.

3ARTIFICIAL INTELLIGENCE
Acquisition on the other hand refers to the particular process that is followed for
collecting the digital evidence from that of an electronic media (Montasari et al. 2019). There
is the shared existence of four primary methods that is followed for the purpose of acquiring
data such as the likes of disk-to-disk copy, logical disk-to-disk file, disk to that of image file
as well as sparse copied data belonging to a file or necessarily a folder. I had learnt that the
process of this sparse acquisition is considered to be useful in most of the cases such as
acquiring data from the RAID drives or the largely existing drives. While the collection of
such evidences are done, the examiners should follow a specific sequence wherein the order
is known as “Order of Volatility”. The order is maintained in regards to the data that shall be
arranged from the high volatile to that of the low volatile (Scanlon 2017). This particular tool
must also be utilized for the purpose of acquisition as well as the to perform the tests upon the
test driver keeping aside the suspect drive.

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

4ARTIFICIAL INTELLIGENCE
2. References:
Bates, A., Pohly, D.J. and Butler, K.R., 2016. Secure and Trustworthy Provenance Collection
for Digital Forensics. In Digital Fingerprinting (pp. 141-176). Springer, New York, NY.
Soltani, S. and Seno, S.A.H., 2017, October. A survey on digital evidence collection and
analysis. In 2017 7th International Conference on Computer and Knowledge Engineering
(ICCKE) (pp. 247-253). IEEE.
Montasari, R., Hill, R., Carpenter, V. and Montaseri, F., 2019. Digital Forensic Investigation
of Social Media, Acquisition and Analysis of Digital Evidence. International Journal of
Strategic Engineering (IJoSE), 2(1), pp.52-60.
Scanlon, M., 2017. Enabling the remote acquisition of digital forensic evidence through
secure data transmission and verification. arXiv preprint arXiv:1712.02529.