Definition Edit

Cyberforensics is the application of scientifically-proven methods to gather, process, interpret, and use evidence to provide a conclusive description of a cyber attack.

Cyberforensics employs electronic tools to extract data from computer storage media without altering the data retrieved. Cyberforensics techniques may also require the reconstruction of media to retrieve digital evidence after attempts to hide, disguise, or destroy it.[1]

Overview Edit

"Using cyberforensic tools and techniques, cybercrime investigators and examiners gather and analyze electronic evidence. If available, cyberforensic laboratories may be used to extract the electronic evidence and present it in a court-admissible format. The evidence could entail analysis of terabytes of information on multiple electronic devices, the electronic path taken by a fraudulent e-mail, pornographic images stored on a hard drive, or data stored on a mutilated but later reconstructed CD-ROM. The ability to gather electronic evidence and the assurance that cyberforensic procedures do not compromise the evidence gathered can be key to building a case and prosecuting cybercriminals."[2]

References Edit

  1. Cybercrime: Public and Private Entities Face Challenges in Addressing Cyber Threats, at 10 n.4.
  2. Id.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.