Digital forensics is an evolving field that is becoming very popular in the recent past. We often witness interesting cases being solved using digital forensic methods in movies and television shows.
A closer look, on the other hand, reveals some crucial details. Forensic science is basically the application of the scientific knowledge and methodologies to get a more accurate report regarding any investigation. It can be applied in the common day today events as well as any specific case to obtain the reliable results. In the recent past the use of forensic Sciences are also recognized by the courts. But at the same time the professional investigators engaged in forensics test are not allowed to overrule the decisions taken up by the courts. The present study is a detailed view of how the forensic scientists word and compile there research and investigation in the form of court papers and reports.
The processes of scientific fact-finding and decision-making vary significantly from those of legal fact-finding and decision-making. You should understand the distinction not only because it's a fascinating topic to consider, but also because it's central to how forensic officers gather evidence for use in court. Here it is important to understand that both the methods have its own value throughout the investigation process as well as their impact upon the case being investigated and ultimately upon the life of the people. For this one must have clear idea about the science and its various methodology's before understanding about its role in forensic Science.
Reference Website: https://www.cipsec.eu/content/introduction-digital-forensics
1.1 Science, scientific laws, and the scientific method
Science's goal is to bring order to the world by providing Evidence for anything that is happening around our everyday life. Later on we start considering these evidences to be the norms of our society and start applying it in every context. Dropping objects from a tower or other high point, for example, will definitely take same time to fall in the similar conditions – Time taken can be scientifically calculated using the different formulas. We can explain this using the theory of gravity propounded by Isaac Newton. This can further be connected to other philosophies and theories related to the scientific world.
In most cases, we can arrive at any scientific conclusion by:
Creating our own hypothetical situation and then testing it using various scientific methodology's by which a first hand observation can be made. For this an experiment can be carried out and then the results of the observation can be compared with the actual expectations in order to understand weather the outcome matches with earlier expectations or not. If there is any deviation found then required changes can be made in order to make the hypothesis confirm and reliable for any given situation.
This can be achieved by making use of the various scientific method. A scientific law is the end product of applying the scientific method. If we did it correctly, we should now be able to have a prior knowledge about the results of the experiment conducted keeping in mind the context of the method being applied. the product of this should be such that it should be useful for the other people of the society as well.
Scientific laws are characterized by their universality and repeatability. At this point it is crucial to understand that even the scientific community believes that there cannot be anything in the universe that can be proved completely without any future reforms. this means that any of the scientific formula for theory remains acceptable to the scientific community until unless somebody else proves it to be wrong.
Reference Website: https://www.sciencedirect.com/topics/computer-science/digital-forensics
While results can be compiled in the form of written records by making use of a systematic framework, It is also equally true that any of the scientific research requires a lot of patience and dedication. This process can be very exhaust and complex. Here are some of the topics that Impact the scientific research being undertaken:
It is very common that the initial views being held by the researchers ultimately proves to be wrong. Sometimes it also happens that in between the experiment or the investigation the researcher realizes that his or her pre assumed assumptions were actually incorrect. This helps the researcher to take up a new hypothesis which is more reliable than the earlier one.
• Environment: It includes the equipment like the digital gadgets which includes the laptop or the cell phone of the individual. It can also include the software of the sales manager or the distributor.
• Industry: This will include any organization in the context of a manufacturing clothes or dealing with fashion industry.
• Case Type: This basically include the cases concerned with intellectual property rights, Data breach etcetera.
Testing is one of the most important aspects of the scientific method, so what exactly is a test? Experiments must be meticulously planned in order to test just the theory in question. To analyze and isolate observations of changes under different conditions, controls are typically needed. The most contentious issue in science is probably research methodology; the second is allegations of falsifying data.
The formulation of scientific laws in real life is often an iterative process that leads to a more complete and accurate understanding. When the researcher is pleased with the test findings, they can be published in a peer-reviewed scientific journal, adding to the body of information. The thesis will be peer-reviewed for defects before it is published (and originality).
It is also true that there is a dominant view of how things operate at any given time, through which most scientific endeavour in a given field takes place. Every now and then, the prevailing viewpoint is shown to be incorrect, or a significant discovery is made, resulting in a paradigm change. As a result, it is possible to differentiate between normal research, which accounts for the vast majority of study, and paradigmatic work, which is much rarer.
Reference Website: https://www.eccouncil.org/what-is-digital-forensics/
- R.G. Cowell, A.P. Dawid, S.L. Lauritzen, D.J. Spiegelhalter Probabilistic Networks and Expert Systems, Springer, New York (1999)
- C.G.G. Aitken, F. Taroni, S. Bozza Statistics and the Evaluation of Evidence for Forensic Scientists (third ed), John Wiley & Sons, Chichester (2020)
- C. Champod DNA transfer: informed judgment or mere guesswork? Front. Genet., 4 (2013), p. 300
- R. Cook, I.W. Evett, J. Jackson, P.J. Jones, J.A. Lambert A hierarchy of propositions: deciding which level to address in casework Sci. Justice, 38 (1998), pp. 231-240
- European Network of Forensic Science Institutes, Guideline for evaluative reporting in forensic science, Bruxelles, 2015.
- P. Gill, T.N. Hicks, J. Butler, E. Connolly, L. Gusmão, B. Kokshoorn, N. Morling, R.A.H. van Oorschot, W. Parson, M. Prinz, P.M. Schneider, T. Sijen, D. Taylor
DNA commission of the International society for forensic genetics: assessing the value of forensic biological evidence - guidelines highlighting the importance of propositions. Part II: evaluation of biological traces considering activity level propositions Forensic Sci. Int. Genet., 44 (2020) Article 102186 (in press)
- Protocol Establishment for Investigation.
- Identifying Personnel for Investigation
- Developing documentation Procedures
- Requests for Investigation
- Reporting Forms
2. Initial Investigations
3. Plan of Investigation
4. Non-Destructive Testing (NDT)
5. Destructive Testing (DT)
Request for a Forensic Investigation Form #1 (Section 3.1)
Preliminary Investigation Form #2 (Sections 3.5.1 and 3.5.2)
Initiation of Action Form #3 (Section 3.5.3)
Core Log (Single Core) Form #17a (Section 220.127.116.11)
Asphalt Concrete/Asphalt Surface Treatment Layer Log (Form #19a) (Section 18.104.22.168)
Examples of checklists for use in forensic investigations are included in this appendix. These checklists can be customised to meet the needs of your organisation. The checklists, as well as the section of the guide to which they refer, are as follows:
Checklist #1: AC Wearing Course Layers Logging (Sections 7.3.4 and 7.4.6)
Checklist #2: PCC Wearing Course Layers Logging (Sections 7.3.4 and 7.4.6)
The procedure for digital forensics
The five basic stages of the digital forensic process are as follows:
The primary phase involves recognizing all possible sources of applicable proofs of the work, including the defender data sites.
Saving the sources – The first step involves the procuring the crime scene, where the incident took place by clicking the pictures of the area and maintaining the relevant details of the marks and to keep in order to reserve by current technology on computer and stored the information
Collection entails gathering cardinal data which is helpful in the inquiry of a case. Gathering the information in a way of printing and putting in to the order of collection of all the marks from the crime scene is covered under the process part. The depth and methodological information comes under the Analyzing work. This work helps us to understand the situation of crime location well. I aim to understand the crime situation better the data and other collected evidences make us reach to the conclusion and fair deciding factor which helps in the case. In order to draw a line of deduction, evidences are the only way which can lead us to the collusion.
Recording – this is the first and foremost steps that can build an idea of methodologies and it also help the next qualified scientific advisor to work on the guidelines and avoid delicacy of the same evidenced again and previous one can used as in when it is required.
Concurrent note- is the practice which is leading the investigator helps to avoid the replicate the process, which is helping note for the further scientific instructor, this is the first and foremost measures practice steps for any case investigation.
Digital forensics is more than just the collection, preservation, analysis, and reporting of data related to an incident or event. The techniques which is been followed by the instructor have full knowledge of the method and the background of the person should be more scientific so that the investigation should go in the perpetual direction. This is a scientific idea of solving the case. The peer reviewed journals, may also contribute in the field by conducting research.
a. When a client visits a website, a record is left in the web server's log file, the date is stored at the site of computer if someone visiting that site, the IP address of the server keep some record of the user, however it may lies under the surveillance of some authentic authority, otherwise may of the routers do not save the information much along with them. The figurative data saved by the different website falls in the different category of the evidences, it can be duplicated (called an image) and tested without changing the original. A new copy can be rendered at no cost if the original is lost or changed. Testing normally causes irreversible damage or destruction of physical proof.
b. Also when computers bind to each other without making physical contact, Locard's Exchange theory applies because the signs can be easily loss, as it is difficult to keep it for long period.
Scientific law evolves over time, as well as through the consensus and conventions of the scientific community. Einstein's theories on relativity, for example, have now extended the understanding established by Newton's ideas on gravity. When new theories, experiences, and, in some cases, illegal activities emerge, the same is true in legislation.
The scientific method is used in forensic science as well, although there are at least two types of it:
The creation of the specialized methods that is applicable in systematic way about the instance creates an extraordinary method to emphasis on the working style. The use of scientific methods are having meaningful method that can make investigation more authentic, there are facts which are not easily seen, however these procedures are legally formalized, in terms of getting DNA test or finger print checking.
In the third step: the forensic team investigates and reports on a particular piece of evidences. This has to be 'scientific' in the sense that it can be replicated by others. During the court procedure the defence can show as evidence and expert can verified it. This criterion to be technical entails making the original material (or an acceptable duplicate) available for review, as well as accurate reporting of the work performed.