Digital Forensics: Is the Methodology Correct?
Paper was my Thesis for my Masters of Professional Studies in Homeland Security: Information Security with Forensic Capstone at Penn State University. I am now going for my Masters of Law degree at St. Thomas University in Compliance and Ethics in Fall 2017.
Abstract
Digital forensics is an area of information technology that requires a very unique skillset of being able to think both investigative along with being analytical as well. The results of this synthesis of both thinking methods can guide the examination of digital evidence towards not only the outcome of what happened during a time of incident, but why and how it happened as well. This is an approach that brings together both how digital forensics have always been looked at for investigations and incident response after the time of incident has already passed. By proving who or what was behind the keyboard of a computer can allow the forensics to speak for itself when other data may not be there to tell its side of the story. By conducting a survey among both digital forensic examiners working in the field now and other information security individuals, showing how many unknown artifacts are going without analysis will prove how dire new techniques are needed within digital forensics. These results from surveying those in the community will lead to the discussion of a new digital forensic methodology for how forensic examinations of digital evidence are handled. This will bring to the discussion why a digital forensic governing body is essential to the training and education for digital forensics.
Digital Forensics: Is the Methodology Correct?
Digital forensics is an area of information technology that requires a very unique skillset of being able to think both investigative along with being analytical as well. The results of this synthesis of both thinking methods can guide the examination of digital evidence towards not only the outcome of what happened during a time of incident, but why and how it happened as well. This is an approach that brings together both how digital forensics have always been looked at for investigations and incident response after the time of incident has already passed. By proving who or what was behind the keyboard of a computer can allow the forensics to speak for itself when other data may not be there to tell its side of the story. By conducting a survey among both digital forensic examiners working in the field now and other information security individuals, showing how many unknown artifacts are going without analysis will prove how dire new techniques are needed within digital forensics. These results from surveying those in the community will lead to the discussion of a new digital forensic methodology for how forensic examinations of digital evidence are handled. This will bring to the discussion why a digital forensic governing body is essential to the training and education for digital forensics.
