The literal meaning of the term ‘forensics’ is ‘to bring to the court.’ In investigation operations, the process of using scientific knowledge in collecting data, analyzing them and then presenting the evidences to the courts is called Forensics.
Computer forensics features elements of both law and computer science. Forensic, primarily, deals with analysis and recovery of potential evidences. The evidences can be in any form, like fingerprints left on things, files on hard drive to DNA evidences found from blood stains. In computer forensics the data is collected from computer systems, networks, storage devices and wireless communications. After, this data is analyzed and then is presented in the court.
In computer forensics two basic types of data are collected: and Volatile data. Persistent data is stored on a local hard drive and is preserved when the computer is switched off, like in CDs and pen drives etc. and Volatile data is stored in memory only. It exists in transit, which can be lost, when the computer either is turned off or losses power. This data, generally, live in cache, random access memory (RAM) and in registries. As this data is a transient one, so an investigators should know certain ways to get it.
In computer systems any data can be lost, either intentionally or accidentally, so to recover it there are many data recovery experts. Computer forensic is also such kind of process, which not only recovers data, but also can detect the cause behind this loss.
This device is useful in detecting cyber crimes. There are a lot many cyber crimes of different types. E-mail frauds, illegal use of computers in committing crimes, stealing user names and passwords, launching viruses, stealing documents and identities, these are some kinds of basic cyber crimes.
In investigating these crimes computer forensics play an important role. To execute this role experts need expertise in this field and need training. After collecting data and other evidences, they present these evidences in the court for legal procedures.