Digital forensics is of great importance when it comes to investigation and law. This is the acquisition, analysis and presentation of evidence to courts through a scientific collection of the same. When proposing digital forensics equipment, there are various pertinent factors that will need to be taken into consideration include the cost of the tools used in the analysis, the work needed in the forensics investigations and the available devices on the market. This paper is going to discuss two digital forensic tools used, their advantages, drawbacks and the possible usage of the same.
Description and Function of the Tool
The first tool is the forensic toolkit, FTK. It is fast, reliable and stable in the collection of digital evidence. It provides fast processing and filtering of data from multiple sources like phones, laptop, and internet storage. It can be built for distributed processing and can thus include web based processing of the data. It is used in the analysis of the digital evidence in drives and portable devices .
The second tool selected is the forensic systems from Digital Intelligence. The sample is the Forensic Recovery of Evidence, FRED, and the FRED DX system. It is a modular, highly integrated and flexible forensic workstation. The various modules that can be used to make up this workstation provide different functionalities and can be integrated to customize the system to perform set objectives .
Operation in Evidence Collection
The FRED system can be used to find evidence in digital crimes by performing the following activities. It has a 3D image extraction capability and this can be of great importance in the projection of the possible image of the crime scene from the 2D images. This will add another perspective to the analysis and more details on the evidence can be extracted from it. The second way in which this too can assist in forensic investigation is that it has finger print scanners that will easily assist in the collection of finger prints at the site of crime and aid in the forensic investigation. This evidence can be used in a court of law .
Forensic investigators that need to have only relevant data in one place uses this platform. This is of importance since majority of the data obtained in investigations is irrelevant and thus there is always a need to zero-in on only relevant data from the investigation. The evidence of analysis of devices like mobile phones often gives trustworthy and accurate evidence in the legal framework.
Advantages of Tool
For FRED system are as below:
It is modular and thus different components can be assembled on site to perform the given task. This is of great importance especially on machine scalability.
It is easily customizable thus can be adapted to perform various operations depending on the specified needs. It is possible to purchase only the components that will provide the defined functionality .
It has a high human scalability in that the ease of use and the time for use by investigators before getting results is small. It is portable thus can be carried around easily to perform various investigations
Its removable drive can be removed and used in the analysis of the content of the forensic investigation long after the collection and can be stored easily for future references. The portable devices can also assist in the collection of any potential evidence for further analysis
The automatic image analysis assist in the reduction of the time taken by the investigators in the analysis of the evidence collected.
The FTK tool has the advantage of being capable of integrating various formations to detect only the relevant ones for time saving purposes. It can also be of great importance in encrypted files since it can be used to successfully decrypt the files and analysis the content of the files .
Disadvantages of Tool
Its removable drive can easily be tampered with in the event of the investigation. This can arise in the event that a malicious individual wants to modify the content of the devices
The possible drawback of the FTK tool is that it can infringe on the privacy of operators like the access to private information on a subject through phone evidence.
Application
The first application of the FRED system is in 3D digital imaging where a 2D photo evidence of a crime is presented and will be used to project the 3D image based on the setting of the pictures. For example in the 3D modeling of the scene of crime like in a shooting crime scene where the position, projection of the gunman needs to be made.
The FTK system is important in the access of encrypted files and the access of damaged electronic devices information like hard disks for gathering of evidence.
References
AccessData. (n.d.). Forensic Toolkit® (FTK®): Recognized around the World as the Standard Digital Forensic Investigation Solution. Retrieved June 28, 2016, from Access Data: http://accessdata.com/solutions/digital-forensics/forensic-toolkit-ftk?/solutions/digital-forensics/ftk
DIGITAL INTELLIGENCE. (n.d.). forensics systems. Retrieved June 28, 2016, from digita intelligence.com: http://www.digitalintelligence.com/forensicsystems.php
Forensic Tools - 3D Crime Scene. (n.d.). Retrieved June 28, 2016, from aetv.com: http://www.aetv.com/shows/crime-360/videos/forensic-tools-3d-crime-scene
Liebesfeld, J. (2008, May 1). Proposing a Digital Forensics Grange. Retrieved June 28, 2016, from http://www.securitymagazine.com/: http://www.securitymagazine.com/articles/76337-proposing-a-digital-forensics-grange-1
Richard, G. G., & Roussev, V. (2006, February). Nest Generation: Digital Forensics. Communication of the ACM, 49(2), 76-80.
