Introduction
Digital forensic is a widely used method in today’s corporate world. The need for digital forensic is increasing in the trends of the increase of digital crimes. These digital crimes are various types and crimes are increasing with the updating technology. So, in the consequences, digital forensic is the main element of the investigation of the digital crime and thus the investigation has an immense importance. The assessment is focused on the digital forensic investigation and terms and procedures of that.
Digital Forensic
Legal and ethical considerations for investigations and prosecuting digital crimes
The crime that uses digital media is called digital crime. There are many types of considerations when investigating and prosecuting these kinds of digital crimes. Ethical and legal issues are one of the consideration. As Randall and Sarah are sharing the intellectual property of the organisation, they are prosecuting crimes (Stratton, Powell and Cameron, 2017). The legal issues of the case of Randall Simpson and Sarah Jensen such as legislation, acts, laws and every legal condition when investigating. There are also ethical issues when investigating the case with the information about other people’s personal issues. These will affect the ethics of the people who are engaged in the investigation.
The legal issues when prosecuting a crime is avoided and done cautiously so that the person can benefit. Many acts, legislations are made for restricting the digital crime such as the case of suspected intellectual theft (Pithey, 2016). When investigating the issue as a digital forensic officer, there is also the law, legislation, and restrictions on the investigation with the information of Randall Simpson and Sarah Jensen. The investigator must fulfill the legal issues when investigating the case.
Randall Simpson and Sarah Jensen have not maintained their ethical standards when they are involving in intellectual property theft. They have prosecuted the crime and violated the normal ethics of their job. When the investigation is on, the investigator has also the same ethical issues because the person will investigate the data without the informing of the suspected. When the investigator gets the warrant, needs to maintain the legal environment and ethics for the desired information.
Analysis of data on storage media and various file systems
As the mobile devices of Randall and Sarah were in the investigation for being suspected of a digital crime, the investigator gets a warrant for cloud backups the data of the devices. The storage media here is the mobile devices of both. But the primary inspection of the SMS, call records did not found any kinds of logical information (Blitzer, Karen Stein-Ferguson and Jeffrey Huang, 2010). So, the inspector focuses on backups the mobile data of the storage media and analysis of that.
The data of the mobile may be hide or deleted for the security reason by the offenders. There the data may be in form of a FAT file, FAT 32 file, EXT file, or many other kinds of hidden file format. The data need to be converted into an image file so that the hidden or erased data can be found and find the real data. Data image is the bit-copy of the main source data (Gardner, 2012). The analysis of data needs to forensic all the data and find all the data from the device.
Data from NTFS file system of the storage media have so many features to analysis data the file mane is maximum 255 characters, not case sensitive, mainly provides file and folder security, 50% or more than file compression, provides bad cluster services. The data will be analysed by opening the uploaded file and maintaining these. The EXT file systems have a feature of supporting regular files, manage file on big partitions, allows the secure delectation of files (Casey, 2017). The FAT system has 8 characters files only, windows support, not support folder, no local security, fast access to files.
Focused on data of different systems, the data of storage media are analysed by finding all the data of the media by swap space analysis, database analysis, volume analysis, memory analysis and so on.
Collection of electronic evidence
The evidence can be collected from different sources and manners. The original data of the case was the mobile phones of the persons. There was suspicion of the digital crime on both of them. Without compromising the original data from the mobile devices records, the electronic evidence may be collected from the email traffic, personal computers, backup media’s, control logs, internet activity logs, anti-virus logs and so on.
In the case of Randall and Sarah, the original data is the suspicious activity of both by using mobile communication. The evidence can have collected from the backups of their communication and information (Karagiozis, 2005). Also, can be placed on email and other sources. The evidence is located in the mobile device by processed data format. Also, these data are exchanged through the networks and looking for the conversation of two. Most evidence of the case drives on the ROM. When the mobile device is on the inspection, the deleted or hidden data are collected by disk images of all the data. Then the data are analysed and makes decisions. From the disk images, the file needs to be analysed by forensic analysis. In this manner the original data is safe, and the evidence is collected by the investigator.
Functions and features of digital forensics equipment’s
The functions of digital forensics are huge and important. There are functions like computer forensics, mobile device forensics, network forensics, forensic data analysis, database forensics and so on. As digital forensics equipment is used for investigations of a factor, these factors are very important in the process of finding out the results of the investigation. These tools have a wide range of activity such as acquiring data, the report features, helps to find out the results of the investigation, also ensure a concerning effort on the visibility (Hosmer, 2006). The main functions of these forensic equipment’s are to ensure the forensic investigation properly so that the culprit can find out. The full process of investigation is focused on the context of this equipment. The equipment is capable of doing the research and investigation of the matter of the case concerned with Randall and Sarah.
The environments and tools for a digital forensics lab
The need for digital forensic ensures the need for the digital forensic lab so that the investigation of the forensic report can be done. These works also were done for law enforcement. The environment for the digital forensic lab is too much scientific and shaped that ensures all the investigation as a process of work. These kinds of lab need the law enforcement so that the process of scientific investigation is timely with the need. The pressure of work in the lab must be not so high that will make a force on the investigation.
For a digital forensic lab, there are requirements of different tools according to the international standards. The requirements are management requirement, data control, document control, service to the customers, tests, corrective actions and so on. The tools of the lab contain internet, VPN server, routers, switch, virtual machine pool, authentication server, SAN, domain controller and so on (Jones and Valli, 2009). These tools are necessary for a normal forensic lab but for higher standard forensic lab there is a need for high-performance mechanism so that the investigation can be pursued quickly with defaults. There with appropriate hardware, need software, facility space, trained personnel for a digital lab. Also, the lab must be protected for the data security and a safe environment.
Critique and compose technical tactics in digital crimes
Crimes like Randall and Sarah case, the tactics of digital crimes are getting more digitalised in the world. So, controlling the crime is more complex and need of critical tactics. The technical tactics are to give protection of visible assets, isolate threats to eliminate data breaches, total security, pre-planned security, keeping up-to-date systems and inspections. Some techniques are investigative assistance, information gathering and so on. The crimes are used technical tactics also (Oh, 2015). They used highly secure protocols and ensure less electronic evidence. The main problem is there are ethical factors in ensuring digital crime investigations.
The digital forensic investigation process
The digital forensic investigation is a process of work that ensures all the activities of forensic investigation. The case of Randall and Sarah’s forensic investigation also used the process of forensic investigation. The process helps the investigation to work in a scientific way. The scientific process ensures all the data needed for the investigation and finds the results of the investigation. The forensic investigation process is shown in the following figure-
Figure 1: The digital forensic process
(Craiger and Shenoi, 2007)
The digital forensic process ensures six steps for investigation as they are the identification, preservation, collection, presentation, analysis, examination. The first steps focus on identifying the factors of the investigation and related parties of it. The second step focuses on preserving the suspicion and information of the crime for investigation. The third step focuses on the collection of data on the investigation’s issue. The fourth step ensures the test or examinations of the data available and carefully ensure all the important data related to the information. The next step focuses on the analysis of the information for finding all the necessary outcomes. The last step focuses on the presentation of the analysed information and findings of the report. this is the process of digital forensic investigation and these steps are scientifically proved effective for the work.
Finding of the analysis
From a critical analysis of the data of the Randall Simpson and Sarah Jenson for being the suspicion of theft of intellectual property, the corporate investigator is concerned about them. So, they had taken steps for and ensured digital forensic investigation on them. From the investigation, the results show that data of them can be hiding in different places. The mobile has been seized for the hidden data recovery.
The data is possibly hidden into mobile so that the data need to find out by the disk imaging of the mobile. Also, data can be found in the email of them. The cloud storage is another possible location of the data of investigation. The computer, both personal and official can be the preferred storage of them. All the sources of data need to be investigated and collect all the available information. Then the data is on the need for careful evaluation and analysis. Then the outcomes of the investigation of their forensic report can be out. Considering all the legal and ethical considerations, the case of Randall and Sarah can be solved if the findings are positive then they will be in the code of criminal procedures and when negative the procedures will be stopped and they will be under inspection as a suspect.
Conclusion
The importance and effectiveness of digital forensic are greater in the updated world where the crime in the digital medium is increasing day by day. The digital forensic investigation is focusing to find out the connection and interpreted the results of the investigation. The process of forensic investigation has some legal issues to be maintained such as for warrant and also need to ensure ethical effect on the investigation as a scientific process. So, the digital forensic is needing to be spread and need a skilled professional for the job.
References
Stratton, G., Powell, A. and Cameron, R. (2017). Crime and Justice in Digital Society: Towards a ‘Digital Criminology’?. International Journal for Crime, Justice and Social Democracy, 6(2), p.17.
Pithey, B. (2016). DO NEW CRIMES NEED NEW LAWS? Legal provisions available for prosecuting human trafficking. South African Crime Quarterly, (9).
Blitzer, H., Karen Stein-Ferguson and Jeffrey Huang (2010). Understanding Forensic Digital Imaging. Elsevier Science.
Gardner, R. (2012). Practical crime scene processing and investigation. Boca Raton, FL: CRC Press.
Casey, E. (2017). Digital Stratigraphy: Contextual Analysis of File System Traces in Forensic Science. Journal of Forensic Sciences, 63(5), pp.1383-1391.
Karagiozis, M. (2005). Forensic investigation handbook. Springfield: Charles C Thomas Publisher, LTD.
Hosmer, C. (2006). Discovering Hidden Evidence. Journal of Digital Forensic Practice, 1(1), pp.47-56.
Jones, A. and Valli, C. (2009). Building a digital forensic laboratory. Burlington, Mass.: Butterworth-Heinemann/Syngress Pub.
Oh, S. (2015). The application of digital forensic investigation for response of cyber-crimes. Journal of Digital Convergence, 13(4), pp.81-87.
Craiger, P. and Shenoi, S. (2007). Advances in digital forensics III. New York, NY: Springer.