Home > Free Essays > Law > Criminology > Computer Forensics

Computer Forensics Expository Essay

Exclusively available on IvyPanda Available only on IvyPanda
Updated: Jun 3rd, 2019

Conducting investigation of computers does not differ much from traditional public investigation. It also implies search for material evidence, including word documents, photos, pictures, or graphic data. The only difference lies in methods of extracting these computer artifacts (Nelson & Phillips, 2010).

In this respect, to disclose the facts of kidnapping, computer forensics could be of great value because it can allow the policy office to find all necessary information about the forthcoming crime or about the crime that has already been committed (Nelson & Phillips, 2010).

In case with kidnapping, the computer files and hard disk should be investigating for possible photos of the kidnapped victims, stenography, a process by means of which an image is concealed behind another digital image, and deleted files that are possible to extract and recover.

When electronic data has been collected to identify the kind of the incident and introduce evidence of the crime, it is important to organize a meeting with the witness who can provide details of the incident (Kannellis, 2006). The one-to-one interview can help me to get into more detail about the case and compare the testimony with the files and pictures found on computer (Anson & Bunting, 2007).

One of the most frequently used tools for concealing information is stenography, which is also considered the major threat to governmental security (Caloyannides, 2004). This way of information coding is used by most criminals who strive to conceal the images and photos (See Appendix 1). Before evaluating and deliberating the evidence, it is essential to carry out baseline data network analysis to understand the crime scene.

Further steps will determine the normal usage and topology of the network, interview with system administrators, logs of affected and associated systems, and outputs received from IDSs.

The data that can be obtained from computer is stored in a running system memory, which constitutes as great evidential value (Anson & Bunting, 2007). As soon as the running processes are determined and connections are active, it is possible to generate a clear picture of what actions have been performed by a user, a potential suspect.

Interestingly, in case the kidnapper does not realize the face of the crime, it is reasonable to build in specific equipment that can permit the investigator to control subsequent course of action provided by the criminal. Such an approach will increase chances for discovering new evidence proving the fact of kidnapping (Anson & Bunting, 2007).

While examining the evidence, it is purposeful to refer to various types of evaluation, including live analysis and cross-sectional assessment. The first step to be taken is detecting the first activity that was carrying out on computer at the moment of the accident (Anson & Bunting, 2007).

Using cross-sectional analysis through acquisition, analysis, and reporting, it is possible to detect the fact of criminal’s using several computers for storing data about the victims (Mohay, 2003). There is a great probability that the attacker can use more than one database for allocating pictures, documents, and stenography to distract the crime scene investigators.

Finally, although some of the resources detected on the computer of the accused, they can be applied to characterize and define the background, including his activities and hobbies. Therefore, this information will also be helpful for forensic professional who make the psychological profile of the kidnapper.


Anson, S., & Bunting, S. (2007). Mastering Windows Network Forensics and Investigation. New Jersey: John Wiley and Sons.

Caloyannides, M. A. (2004). Privacy Protection and Computer Forensics. US: Artech House.

Kannellis, P. (2006). Digital Crime and Forensic Science in Cyberspace. US: Idea Group Inc.

Mohay, G. M. (2003). Computer and Intrusion Forensics. US: Artech House.

Nelson, B., & Phillips, A. (2010). Guide to Computer Forensics and Investigation. US: Cengage Learning.

This expository essay on Computer Forensics was written and submitted by your fellow student. You are free to use it for research and reference purposes in order to write your own paper; however, you must cite it accordingly.
Removal Request
If you are the copyright owner of this paper and no longer wish to have your work published on IvyPanda.
Request the removal

Need a custom Expository Essay sample written from scratch by
professional specifically for you?

Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar
Writer online avatar

certified writers online

Cite This paper

Select a url citation style:


IvyPanda. (2019, June 3). Computer Forensics. Retrieved from https://ivypanda.com/essays/computer-forensics-2/

Work Cited

"Computer Forensics." IvyPanda, 3 June 2019, ivypanda.com/essays/computer-forensics-2/.

1. IvyPanda. "Computer Forensics." June 3, 2019. https://ivypanda.com/essays/computer-forensics-2/.


IvyPanda. "Computer Forensics." June 3, 2019. https://ivypanda.com/essays/computer-forensics-2/.


IvyPanda. 2019. "Computer Forensics." June 3, 2019. https://ivypanda.com/essays/computer-forensics-2/.


IvyPanda. (2019) 'Computer Forensics'. 3 June.

More related papers
Psst... Stuck with your
assignment? 😱
Psst... Stuck with your assignment? 😱
Do you need an essay to be done?
What type of assignment 📝 do you need?
How many pages (words) do you need? Let's see if we can help you!