Article Review- Digital Forensics (Article Sample)

Review on Digital Forensics Name Institution Affiliation Course Number Date Abstract A chain of custody is a process that is used to manage data and resources in an organization. In many cases, the chain of custody is used to control access to information and resources. This process can be used to protect data from unauthorized access or modification. In some cases, the chain of custody can be used to prevent data loss. This report summarizes studies about some of the solutions that can be used to solve these problems. The studies suggest the development of clear policies, centralizing digital evidence repository, training of employees, and using blockchain to store evidence in a distributed ledger. Besides, the paper also critiques the solutions proposed and how they would impact the chain of custody. Indeed, the decision of the specific solution to implement depends on the direct needs of the organization and more research is needed to come up with the most effective solutions. Introduction The purpose of this report is to investigate the problems and solutions associated with a chain of custody in digital forensics. In particular, the report will focus on how to obtain evidence that is admissible in courts. It aims at providing an understanding of the current situation and potential solutions that can be adapted to address the identified issues. Besides, the report also includes a review of the digital forensics research methods. It is important to understand that the term “digital forensics” encompasses a wide range of activities and thus the scope of this report is limited to the investigation part only. In recent years, digital forensics has become an increasingly important tool in law enforcement. As more and more crimes are committed using computers or other digital devices, investigators must have the skills and knowledge to properly collect and analyze digital evidence. However, there are several challenges associated with digital forensics, particularly regarding the chain of custody. These challenges can be divided into two main categories: technical and organizational. Technical challenges include the need for specialized skills and knowledge, as well as the challenge of properly preserving digital evidence. Organizational challenges include the need for clear policies and procedures, as well as communication and coordination between different agencies. One of the studies used includes the work by Efendi (2019), who proposed the development of clear policies and procedures as a solution to the organizational challenges associated with digital forensics. The study found that many agencies do not have clear policies and procedures regarding the collection and analysis of digital evidence. As a result, there is often confusion and disagreement about how to properly collect and preserve digital evidence. This can lead to errors in the investigation, which can then lead to the exclusion of evidence from the court. To solve this problem, Efendi (2019) recommends the development of clear policies and procedures regarding digital forensics. Another study used is by Ariffin and Ahmad (2021) who proposed the use of a centralized repository for digital evidence as a solution to the technical challenges associated with digital forensics. The study found that many investigators do not have the skills or knowledge to properly collect and analyze digital evidence. Furthermore, the study found that investigators often lack the time and resources to properly preserve digital evidence. Al-Khateeb et al. (2019) also proposed the use of a centralized repository for digital evidence. However, they go one step further and suggest the use of blockchain to store digital evidence in a distributed ledger. Blockchain is a type of database that is used to store data in a decentralized way. This means that the data is not stored in one central location but is instead distributed across a network. Finally, Atlam et al. (2020) proposed the use of the internet of things in digital forensics as a solution to the challenges associated with digital forensics. The study established that investigators often lack the time and resources to properly preserve digital evidence. Taxonomy Below is a deeper dive into the solutions provided by the four studies: 1 Efendi, T. F. (2019). The Management of Physical Evidence and Chain of Custody (CoC) in Digital Forensic Laboratory Storage. International Journal of Sociology, 001-010. Some of the solutions proposed by Efendi (2019) to the problems associated with a chain of custody in digital forensic laboratories are: Developing and implementing clear policies and procedures regarding the management of digital evidence. This encompasses everything from the initial collection of evidence to its storage and eventual destruction. Efendi also recommends training employees on the proper management of digital evidence. This includes everything from handling to storage and destruction. By improving training and education regarding digital forensics, investigators will have the necessary skills and knowledge to properly collect and analyze digital evidence By implementing these solutions, Efendi (2019) believes that the problems associated with a chain of custody in digital forensic laboratories can be effectively addressed. 2 Ariffin, K. A. Z., & Ahmad, F. H. (2021). Indicators for maturity and readiness for digital forensic investigation in the era of industrial revolution 4.0. Computers & Security, 105, 102237. Ariffin and Ahmad also suggest some solutions such as: Similar to Efendi (2019), Ariffin & Ahmad (2021) suggests developing and implementing clear policies and procedures regarding the management of digital evidence. This encompasses everything from the initial collection of evidence to its storage and eventual destruction. Ariffin and Ahmad recommends the creation of a centralized repository for digital evidence. This would allow for better coordination and communication between different agencies. Also, evidence would be accessed easily when needed. Furthermore, they stated that training should not only be conducted once but regularly to maintain up-to-date knowledge as technology rapidly changes. 3 Al-Khateeb, H., Epiphaniou, G., & Daly, H. (2019). Blockchain for modern digital forensics: The chain-of-custody as a distributed ledger. In Blockchain and Clinical Trial (pp. 149-168). Springer, Cham. Al-Khateeb et al. (2019) propose the use of blockchain technology to address the problems associated with a chain of custody in digital forensics. They suggest that by using blockchain, digital evidence can be stored in a distributed ledger. This would allow for better coordination and communication between different agencies. Also, it would allow for easier access to evidence when needed. In addition, the use of blockchain would make it more difficult for evidence to be changed or tampered with. Blockchain technology could also be used to track the chain of custody of digital evidence. This would allow for better transparency and accountability. 4 Atlam, H. F., Hemdan, E. E. D., Alenezi, A., Alassafi, M. O., & Wills, G. B. (2020). Internet of things forensics: A review. Internet of Things, 11, 100220. Atlam et al. (2020) propose the use of the internet of things to address the problems associated with a chain of custody in digital forensics. They suggest that by using the internet of things, digital evidence can be collected and stored in a central repository. This would allow for better coordination and communication between different agencies. Also, it would allow for easier access to evidence when needed. In addition, the use of the internet of things would make it more difficult for evidence to be changed or tampered with. Comparison There are some similarities between the four studies. All four studies recommend the development and implementation of clear policies and procedures regarding the management of digital evidence. This includes everything from the initial collection of evidence to its storage and eventual destruction. Furthermore, all four studies suggest the creation of a centralized repository for digital evidence. This would allow for better coordination and communication between different agencies. Also, evidence would be accessed easily when needed. Finally, all four studies recommend that training should not only be conducted once but regularly to maintain up-to-date knowledge as technology rapidly changes. Discussion The solutions proposed by all authors are all feasible and would address the problems associated with a chain of custody in digital forensics. However, there are some potential drawbacks to each of these solutions. Conversely, the solution proposed by Ariffin, and Ahmad is the most comprehensive. It addresses all the problems associated with a chain of custody in digital forensics. However, it is also the most expensive and time-consuming solution. The solution proposed by Al-Khateeb et al (2019) is less expensive and time-consuming than the solution proposed by Ariffin and Ahmad. However, it is not as comprehensive. It does not address all the problems associated with a chain of custody in digital forensics. On the other hand, the solution proposed by Atlam et al. (2019) is the least expensive and time-consuming. However, it is also the least comprehensive. It does not address all the problems associated with a chain of custody in digital forensics. Conclusion There is no perfect solution to the problems associated with a chain of custody in digital forensics. The best solution depends on the resources available and the needs of the organization. All the solutions proposed in this paper have potential drawbacks. However, each of the solutions would address some of the problems associated with a chain of custody in digital forensics. Also, each of the solutions has the potential to be improved...