
Digital Computer Forensics Gathering Tools:

Submitted on: Mon, 11 Nov 2013 22:17:30

In civil litigation it is necessary to gather digital forensics data. This is not always achievable in each case. Still, there are some guidelines that should be followed when handling computer or mobile phone forensics data.

When compiling such data, there are a number of digital computer forensics tools that can be used to obtain data from any gadget. Some of these include:

FTK Imager – A lightweight collection tool that can be used to create both full (physical) acquisitions and targeted (logical) acquisitions of data, from both servers and computers.

EnCase Enterprise – A collection tool that enables us to make targeted forensic copies of data remotely over a corporate network without the knowledge of the target custodians.

XRY – XRY is a reliable and highly respected forensic tool which supports a wide variety of mobile devices including mobile phones, Sat Navs and tablets. The software supports the recovery of ‘live’ and ‘deleted’ data from devices and is presented in a user friendly and clear format.

Cellebrite – Cellebrite can perform ‘live’ and ‘deleted’ analysis of a number of mobile devices including mobile phones and tablets. One of the main features of Cellebrite is that it can extract a ‘file system/file structure’ read from a device and will then display the evidence in the exact same way that it is stored on the device. Cellebrite is also an excellent tool for recovering ‘deleted’ data from mobile devices.

Pre-Processing Tools For Digital Computer Forensics

Pre-processing tools are designed to quickly reduce data volumes prior to loading into an e-disclosure platform. Some pre-processing tools on the market are charged on a per GB basis, or a per day pricing model. The per day pricing allows us to undertake high data volume projects at a lower cost than had per GB pricing been applied.

We were asked to undertake an e-disclosure exercise across 5TB (5,000,000MB) of data. Had all of this data been loaded straight into a review platform the cost would have been approaching £1 million in processing costs alone. By utilising a pre-processing engine we were able to undertake the exercise for tens of thousands instead.

Pre-processing tools include the following:

Nuix – Excellent for large volumes of data, Nuix is able to quickly index and search almost all commonly encountered data types, allowing us to rapidly cull irrelevant data. Nuix is capable of loading all data sources at once, enabling us to de-duplicate across exhibits. In a recent exercise we were able to reduce the volume of data that needed to be loaded into the review platform from over 11TB to less than 50GB using Nuix.

EnCase – Historically a tool for forensic practitioners, EnCase can be used for e-disclosure to reduce data volumes and recover previously deleted information if required. EnCase is an ideal pre-processing tool for smaller cases with fewer data sources, but can become labour-intensive on larger cases. Recently, we used EnCase to recover deleted information for inclusion in document review; in total, over 1,000 previously deleted files were recovered.

FTK – Can be used in a similar capacity to EnCase for e-disclosure. FTK indexes all data on adding to a case allowing fast keyword searching. FTK is ideal for use on cases with large volumes of emails as it is effective at maintaining document families such as emails and their attachments, which is often vital for the e-disclosure process.

Processing and Review Tools For Digital Computer Forensics

A suite of processing and review tools will initially process the data to enable de-duplication (where not undertaken at a pre-processing phase) and indexing of the data to make it fully searchable for review. This allows us to omit the pre-processing phase where data volumes are small, saving time and effort.

We fully host each of our review platforms. This takes the burden of managing the system off the client so that they can concentrate on reviewing documents. We have specialists on call who are able to offer guidance and support during the review process. Some of the data manipulation and review tools include:

Clearwell – Arguably one of the best e-disclosure software packages in the industry. It was ranked by the 2013 Gartner Magic Quadrant as “leader” for e-disclosure software. It offers a varied feature set and an interface that is practical and responsive. Clearwell is billed per GB and can be accessed from any computer through our protected portal.

FTK – This has an assessment feature that makes it suitable for smaller cases. Evaluation through FTK is available from our purpose-built reviewing suites in our Stratford-upon-Avon laboratory. It is less functional than Clearwell and can only be used by one reviewer for each exhibit. However, it can be an affordable option in some scenarios since it is not billed per GB.

Paul Bromby is the author of this article on Computer Forensics.