Posted by Admin: System Admin
With the alarmingly increasing rate of cybercrimes worldwide, there is a dire need to combat cybercrimes timely and effectively. Cyberattacks on computing machines leave certain artifacts on target device storage that can reveal the identity and behavior of cyber-criminals if processed and analyzed intelligently. Forensic agencies and law enforcement departments use several digital forensic toolkits, both commercial and open-source, to examine digital evidence. The proposed research survey focuses on identifying the current state-of-the-art digital forensics concepts in existing research, sheds light on research gaps, presents a detailed introduction of different computer forensic domains and forensic toolkits used for computer forensics in the current era. The proposed survey also presents a comparative analysis based on the tool's characteristics to facilitate investigators in tool selection during the forensics process. Finally, the proposed survey identifies and derives current challenges and future research directions in computer forensics. Machine learning is an important component of the growing field of data science. Through the use of statistical methods, different type of algorithms is trained to make classifications or predictions, and to uncover key insights in this project. These insights subsequently drive decision making within applications and businesses, ideally impacting key growth metrics. Machine learning algorithms build a model based on this project data, known as training data, in order to make predictions or decisions without being explicitly programmed to do so. Machine learning algorithms are used in a wide variety of datasets, where it is difficult or unfeasible to develop conventional algorithms to perform the needed tasks.
Forensics is a term that can be used by both the physical and digital world. In the physical world, forensics is associated with physical science investigations such as DNA examination and bloodstains. On the other hand, the digital world consists of seizure, analysis, and protection of digital evidence that can be obtained from physical or virtual storage devices. Forensic investigators retrieve and analyze data using forensic tools that cover a range of features and capabilities. However, these tools have not achieved a high degree of reliability and accuracy yet. As there are many tools currently available for researchers to utilize, this survey provides an extensive assessment of forensic domains and the complex issues and tools applicable for each domain. Additionally, this survey provides a balanced evaluation of the most popular forensic investigation tools in use today. In this survey, tools are experimentally evaluated by considering features of the tools as well as their respective product, performance, and functional metrics. The assessed tools are ranked using the weighted means of tool features, specifically in terms of reliability, scalability, and accuracy. These bench marked results and the discussion of open issues in digital forensics will serve in suggesting future research directions and aid in selecting the most suitable forensic tool for investigation in a timely manner. Disadvantages ? An existing methodology doesn’t implement for WEB FORENSICS,EMAIL FORENSICS. ? Attribution metadata and logs not used to attribute actions to an individual. For example, personal documents on a computer drive might not identify its owner.
_ The proposed research survey identifies the current state-of-the-art digital forensics concepts in existing research and sheds light on research gaps. _ Presents a detailed introduction of different computer forensic domains and forensic toolkits used for computer forensics in the current era. _ Provides a comparative analysis based on the tool's characteristics to facilitate forensics investigators during the digital forensics process. _ The proposed research survey also identifies challenges and provides insights and future research directions in computer forensics. Advantages ? In the proposed system, Network forensics refers to determining the source of the attack and collecting evidence by proactive monitoring and analyzing network traffic that is highly dynamic and volatile. ? In the proposed system, a network forensic tool can perform forensic analysis by connecting remotely and may present an analysis report to maintain a record.