Electronic Forensics - A Definition

Electronic forensics, or as it more commonly known digital forensics, is defined as:

‘… as the use of scientifically derived and proven methods towards the preservation, collection, validation, identification, analysis, interpretation and presentation of electronic evidence derived from electronic sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal or helping to anticipate the unauthorized actions shown to be disruptive to planned operations. One important element of electronic forensics is the credibility of the electronic evidence. Electronic evidence includes computer evidence, electronic audio, electronic video, cell phones, electronic fax machines etc. The legal settings desire evidence to have integrity, authenticity, reproductively, non-interference and minimization.’ (Palmer, 2001)

Breaking down this definition the key elements of electronic forensics are that it is a scientific process that is credible. This credibility is the key to successfully providing electronic evidence that is of use to the law enforcement community as well as the intelligence and military communities. Legal arguments are won on the strength of the credibility of the evidence, and in this, electronic forensics is no different to any other

Also, electronic devices are not just computers, tablets and laptops. Nearly every device running using electricity now has some form of micro-processor and data storage. From cars, to fridge to pacemakers, there are a multitude of devices that can come into the sphere of Electronic Forensics. This internet of things not only opens avenues of attack for hackers but also for forensics experts.

 In the end, the securing and exploitation of electronic forensics is a scientific process, and as such must be viewed as something that is repeatable and auditable.

© Copyright 2018 Australian Fraud and Anti-Corruption Academy Pty Ltd | ABN 12 620 525 877 | RTO No. 45408 | All Rights Reserved