In this new century of new and evolving technology, cyber crimes have increased in number, while becoming more meticulous and complex in nature. Computer Forensics is a major contributor to many law enforcement investigations and cyber incident research. A report published by the First Digital Forensic Research Workshop (DFRWS) defines Computer Forensics as “The use of scientifically derived and proven methods toward the preservation, collection, validation, identification, analysis, interpretation, documentation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal….”.
In order for the information found using Computer FOrensics to be used as evidence in legal affairs, researchers must follow a standardized set of guidelines for their claims to be considered reputable. There are numerous methodologies depending on the situation. Some examples include the Abstract Digital FOrensic Model, which is the generally used for today, and the FDFM for when data volume is a concern.
The following are phases in most forensics investigations.