Computer Forensics is a branch of digital forensics which is used in “identifying, preserving, recovering, analyzing and presenting facts and opinions about the information” (Caloyannides, 2001, p. 22). This branch is mainly associated with a wide range of computer crimes. With the advent of the internet, computer crime has reached a significant level. Computer systems all over the world, whether in digital or electronic form, are attacked through many activities, such as viruses. Computer Forensics teams monitor and investigate such intrusions and protect computers and networks from such situations.
Software development companies have introduced several research tools that help computer forensics teams examine cyber-attacks. Some of the most widespread tools are given below:
- Appliance for Digital Investigation and Analysis (ADIA)
- File Recovery Software
- File Viewers
- Password Recovery Software
- X-Ways Forensics
- Writing Tools
- Network Tools
- Appliance for Digital Investigation and Analysis (ADIA): It is a VMware-based appliance which is used for digital investigation and acquisition. Some of the best features of this tool are that it is built from public domain software and is free of charge. It was released in March 2012 and is publicly available.
- File Recovery Software: Another research tool used by computer forensics teams is file recovery software, which helps to find deleted files. Moreover, in many cases it also assists in recovering files which are very difficult to analyze.
- File Viewers: There are various types of file viewer software which enable computer forensics teams to view a file without actually opening it.
- Password Recovery Software: This is another tool that helps a computer forensics team regain the password. It can be considered one of the best tools since it is used to access password-protected files. In addition, even if the password list is destroyed, password recovery software can still recover it. By using the tool, computer forensics teams can investigate cybercrime more efficiently.
- X-Ways Forensics: Integrated Computer Forensics Software: It is an advanced research environment tool for computer forensics. Being very efficient, it runs fast and finds deleted files. It comprises imaging, disk cloning, a data interpreter, etc. (ISFCE: Certified Computer Examiner, 2005).
- Writing Tools: Writing tools replicate the data of hardware and software.
- Network Tools: Network tools are applied to analyze network traffic. For this purpose, packet sniffers are used, which help computer forensics teams detect and analyze a live attack on the system. By using such tools, a computer forensics team can perform its duties in a more effective manner. The team will be able to determine the place from which the attack was carried out.
All the tools mentioned above are used by computer forensics teams to detect and control computer intrusions. All of them also serve to decrease the rate of computer crimes.
There are also several forensics toolkits available on the market which are free of charge, for example, the CERT Forensics Toolkit. The CERT Forensics Toolkit contains tools that are freely available to federal, state and local law enforcement agencies, including the Department of Defense, within the USA (Caloyannides, 2001). Apart from this, there are also some tools which are open source and free for everyone. Some of them are Data Acquisition, Volume Systems, File System, Memory, etc.
References
Caloyannides, M. (2001). Computer Forensics and Privacy. Boston, MA: Artech House.
ISFCE: Certified Computer Examiner. (2005). Web.