
Computer Forensics Essay


International Journal of Digital Evidence

Fall 2007, Volume 6, Issue 2

Computer Forensic Analysis in a Virtual Environment
Derek Bem, Ewa Huebner
University of Western Sydney, Australia

Abstract

In this paper we discuss the potential role of virtual environments in the analysis phase of computer forensics investigations. General concepts of virtual environments and software tools are presented and discussed. Further, we identify the limitations of virtual environments, leading to the conclusion that this method cannot be considered a replacement for conventional techniques of computer evidence collection and analysis. We propose a new approach where two environments, ...

An example scenario is described to illustrate our approach. We took a small Windows XP system, created a forensic image of its hard disk, and demonstrated the advantages of using two environments. The example shows that the correct application of a virtual environment approach results in less time spent on analysing the evidence, giving more chance of discovering important data, and allowing less qualified personnel to be involved in a more productive way. We decided to use only free and readily available utilities to allow everyone to repeat our experiment, and to encourage the reader to try experimenting with their own cases.

www.ijde.org

What is a Virtual Machine

A virtual machine (also known as a ‘VM’) is a software product which allows the user to create one or more separate environments, each simulating its own set of hardware (CPU, hard disk, memory, network controllers, and other components) and its own software. Ideally each virtual machine should behave like a fully independent computer with its own operating system and its own hardware. The user can control each environment independently and, if required, network virtual computers together or connect them to an external physical network. While this approach is powerful and flexible, it requires a lot of additional resources, because each virtual computer uses real hardware components present in the computer it runs on. It should also be noted that virtual machine software is complex, and many compromises and restrictions are to be expected. Anyone attempting to use it should have a good understanding of what can and cannot be achieved.

Virtualisation is an old concept, first introduced in the 1960s with the appearance of mainframe computers. It was re-introduced to personal computers in the 1990s, and the major products currently available are: Microsoft Virtual PC (Microsoft Virtual PC 2007), the VMWare range of software tools (VMWare, 2007), the open source (free) software QEMU (Bellard, 2007), and a few others.

Computer Forensics And Virtual Machine Environments

The conventional computer forensics process comprises a number of steps, and it can be broadly encapsulated in four key phases (Kruse II & Heiser, 2002):

• Access
• Acquire
• Analyse (the focus of this paper)
• Report

During the acquire phase an investigator captures as much live system volatile data as possible, powers down the system, and later creates a forensic (bit by bit) image of all storage devices (Brown, 2005). An image of a storage device is typically acquired using one of many dd based tools (Nelson, Phillips, Enfinger, & Steuart, 2006). This image is stored in the dd format (Rude, 2000), or a proprietary format typically based on dd (Bunting & Wei, 2006). The image is an identical copy of the original disk. It should be noted, however, that the old rule where the image of a hard disk was assumed to be identical with the original hard...
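The acquisition step described above, sketched as an added example (not code from the paper): a dd copy whose SHA-256 hash is compared with the source and recorded for re-verification before analysis. The function names are hypothetical, SHA-256 is this example's choice of hash, a regular file is assumed to stand in for the storage device, and GNU coreutils (`dd`, `sha256sum`) is assumed.

```shell
#!/bin/sh
# Added example: dd-based acquisition with hash verification.
# Function names are hypothetical; a regular file stands in for a device
# such as a disk attached through a write blocker.

# acquire_image SRC IMG
# Copies SRC to IMG bit by bit, hashes both, records the image hash in
# IMG.sha256 and makes the image read-only.
# Prints "MATCH <hash>" when source and image hashes agree.
# Returns 1 on hash mismatch, 2 if dd itself fails.
acquire_image() {
    src=$1
    img=$2
    # bs only affects throughput. No conv= options are used, so dd neither
    # pads nor skips blocks; a read error aborts the copy instead of
    # silently producing an image that differs from the source.
    dd if="$src" of="$img" bs=64k 2>/dev/null || return 2
    src_hash=$(sha256sum "$src" | cut -d' ' -f1)
    img_hash=$(sha256sum "$img" | cut -d' ' -f1)
    # Store the hash in sha256sum's own check format ("<hash>  <name>").
    printf '%s  %s\n' "$img_hash" "$(basename "$img")" > "$img.sha256"
    chmod a-w "$img" "$img.sha256"
    [ "$src_hash" = "$img_hash" ] || return 1
    echo "MATCH $img_hash"
}

# verify_image IMG
# Re-checks IMG against the hash recorded at acquisition time.
# Returns 0 if the image is unchanged, non-zero otherwise.
verify_image() {
    img=$1
    ( cd "$(dirname "$img")" &&
      sha256sum -c "$(basename "$img").sha256" >/dev/null 2>&1 )
}
```

Running `verify_image` each time before a working copy is attached to an analysis environment shows whether the copy has changed since acquisition.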
