Computer Forensics: Definition And Purpose (Complete)

Computer Forensics: Definition And Purpose (Complete) – On this occasion we will discuss about what it is Computer Forensics and Purpose of Computer Forensics as well as the stages in Computer Forensics itself.

The word forensic comes from the Greek word Forensic which means debate or debate. Meanwhile, according to forensic terms, one of the fields of science that is used to help enforce the justice process through the process of applying science or science.

Computer Forensics: Definition And Purpose (Complete)

Let's discuss the full understanding of computer forensics first

Understanding Computer Forensics

Computer forensics is a branch of forensic science that deals with legal evidence found in computers and digital storage media. This computer forensics is known as Digital Forensics. Many fields of science are used and involved in a crime or criminal case for the sake of law and justice, where this science is known as forensic science.

Understanding Computer Forensics According to Experts

The understanding of computer forensics explained by experts is as follows:

Judd Robin

Computer forensics is the simple application of computer investigation and analysis techniques in determining the range of possible legal evidence.

Noblet

According to him, computer forensics plays a very important role in retrieving, maintaining, retrieving and presenting data that has been processed electronically and stored in computer media.

Ruby Alamsyah

Saying that computer forensics or digital forensics is a science that analyzes evidence digitally so that it can be accounted for in court. The digital evidence includes, among others: laptops, mobile phones, notebooks, and other technological devices that have a storage area and can be analyzed.

This study in the field of computer forensics is still relatively new and is still being developed, due to the rise of crimes in a computer that requires a proving process so that all computer crime cases can be legally proven in court.

At this time, computer forensics is divided into several fields, including internet forensics which discusses forensics within the scope of the internet and internet forensics applications, network forensics, disk forensics, firewall forensics, database forensics, MDF and system forensics all in context computer forensics.

Purpose of Computer Forensics

The purpose is to secure and analyze digital evidence, as well as obtain various objective facts from an incident or security breach of an information system. These facts will be used as evidence in the legal process. For example, through Internet Forensics, we can find out who the person who sent us email was, when and where the sender was. In another example we can see who is the complete website visitor with IP information Address, the computer he uses and his whereabouts and what activities are carried out on our website the.

Stages in Computer Forensics

There are four phases in computer forensics, including:

Data collection, Data collection whose purpose is to identify various resources that are considered urgent and how all data can be collected properly.

Test, Testing includes a process of assessing and sorting out various appropriate information from all the data that has been collected, as well as bypassing the process or minimizing various features in the data. operating systems and applications that can remove data, such as encryption, compression, access control mechanisms, allocating files, checking data meta-mapping, extracting files, and so on – other.

Analysis, which can be done with various method approaches. The task of this analysis includes many activities, such as identifying the users (users) who are indirectly involved, location, events, devices, and consider how all the components are connected to each other to reach a conclusion end.

Documentation and Reports, Several factors can affect the results of documentation and reports, including the following:

• Alternative Explanations – An analyst basically must be able to use an approach in the form of a method to approve or reject any explanation of a case or case submitted.
• Audience Consideration - That is providing data or information to the audience that is very useful and necessary. In a case involving a number of rules, a specific report is needed regarding the data information collected. In addition, it is also very necessary to have a copy of every fact obtained. Because this can make a very reasonable consideration.
• Actionable Information – Is a process of documentation and reporting that includes the identification of actionable information obtained from a set of previous data. With the help of such data, we can obtain and retrieve the latest information.

That's a brief review about Computer Forensics: Definition And Purpose (Complete) that we can understand, hopefully the article above can increase our knowledge and be useful, thank you so much