Wikia

The IT Law Wiki

Cyberforensics

31,949pages on
this wiki
Talk0

Definition Edit

Cyberforensics is the application of scientifically-proven methods to gather, process, interpret, and use evidence to provide a conclusive description of a cyber attack.

Cyberforensics employs electronic tools to extract data from computer storage media without altering the data retrieved. Cyberforensics techniques may also require the reconstruction of media to retrieve digital evidence after attempts to hide, disguise, or destroy it.[1]

Overview Edit

"Using cyberforensic tools and techniques, cybercrime investigators and examiners gather and analyze electronic evidence. If available, cyberforensic laboratories may be used to extract the electronic evidence and present it in a court-admissible format. The evidence could entail analysis of terabytes of information on multiple electronic devices, the electronic path taken by a fraudulent e-mail, pornographic images stored on a hard drive, or data stored on a mutilated but later reconstructed CD-ROM. The ability to gather electronic evidence and the assurance that cyberforensic procedures do not compromise the evidence gathered can be key to building a case and prosecuting cybercriminals."[2]

References Edit

  1. Cybercrime: Public and Private Entities Face Challenges in Addressing Cyber Threats, at 10 n.4.
  2. Id.

Around Wikia's network

Random Wiki