Digital Forensics: The Science Behind Solving Cybercrimes

1. Introduction

In the current era, the majority of the population relies heavily over the usage of technology for everything. From social media to businesses conducting their operations there is increased reliance and usage of technology. Hence, as society evolves and technology marches forward our understanding of the origins of criminality must be continuously revised. The persistence, prevalence, and seriousness of cybercrime demand a greater response from the international community.

To counter this risk, digital forensic investigation firms provide assistance in conducting forensic analysis after the occurrence of any cybercrime. With the passage of time, the forensic investigation process has also been modified and distributed into different phases to make this investigation more effective. Every phase has its own impact on the process of investigation.

1.1 Cybercrime

Cybercrime is a technological trap, a criminal activity committed on the internet. Crime against an organization or an individual in which a computer is involved. The computer may be used in the crime or may be the target of the crime. The first recorded cybercrime took place in the year 1820. Offenses that are committed against individuals or groups of individuals with a criminal motive to intentionally harm directly or indirectly using modern telecommunication networks such as the internet (chat, emails, notice boards, viruses) and mobile phones (SMS, MMS, Calls).

Cybercrime can contain criminal activity against data, copyright, fraud, unauthorized access, child pornography, cyberstalking, hijacking, hacking, phishing scams, computer/mobile viruses, cyber terrorism, credit card theft, and bank account number. There are two main types that define cybercrime

1. Target computer networks or devices such as viruses, malware, or denial of service attacks.
2. Crime that is facilitated by a computer network or device like cyber-stalking, fraud, identity theft, phishing, extortion, etc

In these days cyber crime is expanded to include international border activities and now be considered a global epidemic. Cybercrime covers such a broad scope of criminal enterprise. Advancements in modern technology have helped countries to develop and expand their communication network, enabling faster and easier network and information exchange. There is no doubt about computer technology and the internet enhances the capabilities of human interaction. But somewhere the growth of global connectivity is inherent to cybercrime.

1.2 Digital Forensics

Today Digital Forensics is an important tool for solving crimes committed with computers, as well as for solving crimes against people where evidence may reside on a computer. Digital Forensics is the science of identifying, extracting, analyzing, and presenting the digital evidence that has been stored in digital devices.

The process of Digital Forensics Investigation includes the collection and analysis of data from computers and other digital devices in the interest of obtaining evidence. Evidence obtained in a digital forensic investigation can be useful in criminal, civil, or corporate investigations, but different legal rules may apply. Some examples of what the result of a Digital Forensic investigation is:

1. Hard Disk Drives (HDD) & Virtual Machines: Firmware information, Basic Input Output System (BIOS), Registered ownership and software registration information, Operating system registers, Media Access Control (MAC) addresses, IP addresses
2. Magnetic Tape Digital Storage: Access Control lists, etc), Temporary files, System files, Passwords, Deleted files, Hidden files, Compressed files, Encrypted volumes,
3. Network Devices: Historical artefacts associated with Internet activity (bookmarks, favourites, cookies, browser extensions, html code, java code, etc.), Backup data, Synchronized data, Communications and correspondence data (e.g., chat and instant messaging logs, email, PST files, attachments, web postings, etc.), Screen names, Activity associated with file sharing networks (e.g., peer-to-peer file exchange logs)
4. Mobile Devices/Cameras Devices/Social Media: International Mobile Equipment Identity (IMEI), International Mobile Subscriber Identity (IMSI), Location data in phone registers, Contact lists, Call logs, Short Message Service (SMS), Multimedia Message, Service (MMS), Notes, Memorandums, Voice mail, GPS coordinates and geo-tags, Credit card numbers, Application data.
5. Security Systems: Closed-circuit television (CCTV) recordings, Postage tracking numbers, and Database entries.

2. Review of Literature

Information technology currently, has no leaps and bounds. The widespread usage of computer technology, in order to further previous possibilities and current requirements, is a sure indication of our digital age. From business organizations to police to educational institutions, everybody has come to terms to use it. Although it eases the functioning of organizations, it also stands as a threat.

As observed by Sivaprasad & Janga Je, 2012: “With the introduction of Information Technology in the business, every organization that comprises IT has started to take benefits of this technology. This is done by attaining the advantage over other competitors in the market, by providing new features to the customers after incorporating technology at the operational side especially, increasing the operational speed and reducing the probability for any error in operations.”

Numerous areas of modern life have become more advanced with the implementation of computers. Digital forensic procedures are necessary for investigators to be able to apply these to detect, apprehend and take legal action against criminals involved in digital crime (Čisar et al., 2012).

As mentioned by Ojo & Adebayo, 2011, since the introduction of the discipline of Digital Forensics in the field of Information Technology especially in the corporate business industry, the persons associated with technology started their efforts in order to overcome the audit and research challenges associated with digital forensic of the organizations as much as possible. Investigations in cases like these are complex. They have to be tackled precisely with care because even a slight mistake in a combination might lead to the deletion of important data. An analysis on this point of the research was carried out by Ankit, Megha, Saurabh & Gupta observed in 2011.

3. Conclusion

This paper therefore will not only look into the basics of Digital forensics and Cybercrime but also strives to strike a balancing relationship between them. Cybercrimes are very common these days. However, the field of digital forensics has not been able to keep up with the pace of such crimes. The authors have also explained how Digital forensics can be developed even more to counter the growing menace of cybercrimes. The authors, therefore, question the effectiveness of digital forensics towards cybercrime in both positive and negative aspects.