Cyber Crime and Cyber Terrorism



Download 5,67 Mb.
Pdf ko'rish
bet65/283
Sana19.05.2022
Hajmi5,67 Mb.
#604880
1   ...   61   62   63   64   65   66   67   68   ...   283
Bog'liq
Cyber crime and cyber terrorism investigators handbook by Babak

3. 
Analysis
: evaluating the data to determine the relevance of the information 
to the requirements of the investigation, including that of any mitigating 
circumstances.
4. Reporting
: applying appropriate methods of visualization and documentation 
to report on what was found on the digital evidence that is relevant to the 
investigation.
These four main components underpin the entire investigative process allowing high-
tech investigators and reviewers of the final product to be confident of its authentic-
ity, validity, and accuracy (also see Chapter 4).
An important consideration throughout a high-tech investigation is to maintain 
the “chain of custody” of the exhibit, so that it can be accounted for at all stages of 
an investigation and its integrity maintained. With a physical exhibit this is achieved
in part, through the use of an evidence bag and a tamper evident seal. The integrity 
of digital information is maintained in the form of one-way hash functions, such as 
MD5, SHA-1, and SHA-256. One-way hash functions can be used to create a unique 
digital fingerprint of the data; this means that, when implemented correctly, even a 
small change to the data will result in a completely different digital fingerprint. If 
the physical and digital integrity of an exhibit is maintained then it allows for a third 
party to verify the process performed. This is an important factor in improving the 
chances of evidence acceptance within the legal proceedings.


61
 
The “crime scene”
Whilst each country may have their own guidelines or best practice in relation 
to handling digital evidence the general essence is almost always the same. The 
UK has the Association of Chief Police Officers (ACPO) Good Practice Guide for 
Digital Evidence (
) and in the US there is the Forensic Examination 
of Digital Evidence: A Guide for Law Enforcement (
of the digital data, they are more focused toward the best practices involved in the 
seizure and preservation of evidence. The ability to correctly acquire or process 
digital evidence is extremely important for anyone working in high-tech investiga-
tions. The acquisition of exhibits provides the basis for a solid investigation. If the 
acquisition is not done correctly and the integrity, or the continuity, of the exhibit 
is questionable then an entire case may fail. The salient points will be discussed in 
the next sections.

Download 5,67 Mb.

Do'stlaringiz bilan baham:
1   ...   61   62   63   64   65   66   67   68   ...   283




Ma'lumotlar bazasi mualliflik huquqi bilan himoyalangan ©hozir.org 2024
ma'muriyatiga murojaat qiling

kiriting | ro'yxatdan o'tish
    Bosh sahifa
юртда тантана
Боғда битган
Бугун юртда
Эшитганлар жилманглар
Эшитмадим деманглар
битган бодомлар
Yangiariq tumani
qitish marakazi
Raqamli texnologiyalar
ilishida muhokamadan
tasdiqqa tavsiya
tavsiya etilgan
iqtisodiyot kafedrasi
steiermarkischen landesregierung
asarlaringizni yuboring
o'zingizning asarlaringizni
Iltimos faqat
faqat o'zingizning
steierm rkischen
landesregierung fachabteilung
rkischen landesregierung
hamshira loyihasi
loyihasi mavsum
faolyatining oqibatlari
asosiy adabiyotlar
fakulteti ahborot
ahborot havfsizligi
havfsizligi kafedrasi
fanidan bo’yicha
fakulteti iqtisodiyot
boshqaruv fakulteti
chiqarishda boshqaruv
ishlab chiqarishda
iqtisodiyot fakultet
multiservis tarmoqlari
fanidan asosiy
Uzbek fanidan
mavzulari potok
asosidagi multiservis
'aliyyil a'ziym
billahil 'aliyyil
illaa billahil
quvvata illaa
falah' deganida
Kompyuter savodxonligi
bo’yicha mustaqil
'alal falah'
Hayya 'alal
'alas soloh
Hayya 'alas
mavsum boyicha


yuklab olish