PricingBlogAbout Us

Digital Forensics Module: File System Analysis Reflection Report

Verified

Added on  2022/09/11

|4
|726
|21
Report
AI Summary
This report is a reflective essay on file system analysis within the context of digital forensics, as part of a module at the University of Hertfordshire. The student reflects on the processes involved, including acquisition, validation, extraction, reconstruction, and reporting. The essay highlights the complexity of the field, particularly focusing on the challenges of data acquisition, ensuring data integrity, and the importance of proper documentation. The student discusses the methodological approach, personal experience, and the impact on their understanding of digital forensics. References to relevant literature support the analysis, and the conclusion emphasizes the critical role of file system analysis in digital crime investigations.
Document Page
Running head: FILE SYSTEM ANALYSIS
FILE SYSTEM ANALYSIS
Name of student
Name of university
Author’s note:
tabler-icon-diamond-filled.svg

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
1FILE SYSTEM ANALYSIS
Description of method:
File system analysis involves acquisition, validation, reconstruction and reporting. Each of
these processes are described in details in this context.
Acquisition:
In this process, it is required to obtain those systems where data might be stored (Lanterna
and Barili 2017).
Validation:
Once data is obtained, before it is applied in investigation, it needs to be validated for
ensuring that data is authentic so that integrity of data is maintained. In order to identify
whether a forensic image is original copy of original data, hashing algorithm is often
considered (Quick and Choo 2016).
Extraction:
In this process, data is retrieved. In this process data that are not structured and deleted from
system are obtained (Imran, Aljawarneh and Sakib 2016). Along with this, data is also
processed so that it is applicable for forensic investigation as well.
Reconstruction:
Data that are extracted are reconstructed in this process through application of various data
reconstruction algorithm for example bottom-up tree reconstruction and inference of partition
geometry (Lanterna and Barili 2017).
Reporting:
While analysing files and retrieving data, it is important to track each process and document
those process properly (Quick and Choo 2016). Along with recovered files and data,
document process should include system physical layout containing data that are encrypted or
reconstructed as well.
Reflection on experience:
Application of file system analysis in digital forensic is a complex process as there are
various steps involved in this process and this is already described in details in this context.
However, according to me out of these steps one that was most challenging aspect was data
acquisition. One important thing to note here is that, while obtaining these systems, it needs
to be secured from any access that is not authorized, otherwise data might be modified or
corrupted and this will affect quality of investigation as well.
Typically a copy of data from possible data sources including hard drive and portable media
are obtained and keep original files intact. Therefore, this was a challenging process and it
needs to be done properly. Otherwise it will affect quality of investigation process. While
analysing files and retrieving data, we considered documentation which helped to track each
process and document those process properly. Along with recovered files and data, document
process has included system physical layout containing data that are encrypted or
reconstructed as well. Therefore, this processes should be considered while applying file
system analysis in digital forensic.
Conclusion:
Document Page
2FILE SYSTEM ANALYSIS
Digital forensic is one of the most advanced forensic analysis technique and in this context,
file system analysis plays an important role. The aim of file analysis is to retrieve data as
evidence and these data are stored in computer storage devices like hard disk, CD, DVD and
sometime data are stored in floppy disks as well. File system organizes files where files are
named and arranged logically for storing and retrieving data easily. Digital forensic often
plays an important role in investigation of digital crime for example cyber-crime where
access to data of systems applied by criminals for a crime. Therefore, for me acquisition of
data is most important step and if accuracy is not ensured in this process, then it will affect
overall quality of investigation process.

⊘ This is a preview!⊘

Do you want full access?

icon

Trusted by 1+ million students worldwide

Document Page
3FILE SYSTEM ANALYSIS
References:
Imran, A., Aljawarneh, S. and Sakib, K., 2016. Web data amalgamation for security
engineering: Digital forensic investigation of open source cloud. J. UCS, 22(4), pp.494-520.
Lanterna, D. and Barili, A., 2017. Forensic analysis of deduplicated file systems. Digital
Investigation, 20, pp.S99-S106.
Quick, D. and Choo, K.K.R., 2016. Big forensic data reduction: digital forensic images and
electronic evidence. Cluster Computing, 19(2), pp.723-740.
chevron_up_icon
1 out of 4
circle_padding
hide_on_mobile
zoom_out_icon
logo.png

Your All-in-One AI-Powered Toolkit for Academic Success.

  +13062052269
info@desklib.com

Available 24*7 on WhatsApp / Email

[object Object]
Unlock your academic potential

Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.