From Wikibooks, open books for an open world
Jump to navigation Jump to search

Computers and other digital devices are becoming ubiquitous in our modern society. It was inevitable that they would begin to feature as heavily in crime and law. Since the late 1970s the amount of crime involving computers has been growing very quickly, creating a need for constantly developing forensic tools and practices.

From its inception in the 1980s the digital forensics field has grown in popularity and support. Digital evidence is being recognised much more easily in courts and companies are understanding the need for proper forensic processes when investigating employee malpractice. Initially the field grew out of the work and needs of practitioners rather than from academics and scientists; this lead to early digital investigations, tools and practices being ad-hoc and uncertain. Since the early 21st century proper practices and guidelines have helped to formalise the field.

Digital forensics is, at root, a forensic science encompassing the recovery and investigation of material found in digital devices. This book aims to detail the practical, theoretical and legal aspect of a digital forensic investigations. The main focus of the material will be on computer devices, touching on differences with mobile device forensics (a relatively new sub field). In addition the book will discuss legal aspects of working in digital forensics, and give advice for managers in charge of an investigation in their workplace. Finally we will look at the concept of "anti-forensics" and counter measures.

Introduction to Digital Forensics
Introduction So you want to be a forensic analyst