Digital forensics has been defined as the use of scientifically derived and proven methods towards the preservation, collection, validation, identification, analysis, interpretation and presentation of digital evidence derived from digital sources for the purpose of facilitating or furthering the reconstruction of events found to be criminal or helping to anticipate the unauthorized actions shown to be disruptive to planned operations.
One important element of digital forensics is the credibility of the digital evidence. Digital evidence includes
computer evidence, digital audio, digital video, cell phones, digital fax machines etc. The legal settings desire evidence to have integrity, authenticity, re productivity, non-interference and minimization.
Computer crimes are on the rise and unfortunately less than two percent of the reported cases result in conviction. The process (methodology and approach) one adopts in conducting a digital forensics investigation is immensely crucial to the outcome of such an investigation.
Overlooking one step or interchanging any of the steps may lead to incomplete or inconclusive results hence wrong interpretations and conclusions. A computer crime culprit may walk Scot-free or an innocent suspect may suffer negative consequences (both monetary and otherwise) simply on account of a forensics investigation that was inadequate or improperly conducted.