Software forensics is the branch of software science concerned with authorship analysis of computer source code for legal purposes. It covers author identification, discrimination, and characterization. Forensic specialists attempt to determine whether the same programmer authored two or more code fragments. This information is valuable when security breaches recur, since software forensics can then help identify the culprit.
Browser history, cookies, registry entries on the client side, and log files on the server side can be a great source of digital evidence.
Email scammers use phishing and scam techniques to acquire sensitive information from individuals or organizations. The role of email forensics is to identify the scammer behind the crime. Email investigations rely heavily on email message files, email headers, and email server log files.
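As an added illustration of header-based email investigation (example code written for this page, not from the original text), the script below walks the Received: chain of a constructed sample message, reconstructing the relay path oldest-first, and compares the From: domain with the envelope Return-Path domain; all hosts and addresses are made-up example values.

```python
"""Added example: walk an e-mail's Received: chain and compare sender headers."""
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not real traffic): two relay hops and a From:
# header whose domain differs from the envelope Return-Path.
SAMPLE_EML = """\
Return-Path: <bounce@mailer.example.net>
Received: from mx.example.org (mx.example.org [203.0.113.7])
\tby inbox.example.com with ESMTP id abc123; Mon, 1 Jan 2024 10:02:00 +0000
Received: from client.example.net (client.example.net [198.51.100.9])
\tby mx.example.org with ESMTPS id xyz789; Mon, 1 Jan 2024 10:01:00 +0000
From: "Accounts Team" <accounts@bank.example.com>
To: victim@example.com
Subject: Verify your account

Please sign in here.
"""

FROM_RE = re.compile(r"\bfrom\s+(\S+)")
IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
BY_RE = re.compile(r"\bby\s+(\S+)")


def received_chain(raw_message):
    """Relay hops oldest-first, each a dict with from/ip/by keys.
    Every MTA prepends its own Received: line, so the header order is
    newest-first; reversing it recovers the path the message travelled."""
    msg = message_from_string(raw_message)
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        value = re.sub(r"\s+", " ", str(value))  # unfold continuation lines
        src, ip, dst = FROM_RE.search(value), IP_RE.search(value), BY_RE.search(value)
        hops.append({"from": src.group(1) if src else None,
                     "ip": ip.group(1) if ip else None,
                     "by": dst.group(1) if dst else None})
    return hops


def sender_domains(raw_message):
    """(From: domain, Return-Path domain); a mismatch is a common phishing tell
    to cross-check against the mail server logs."""
    msg = message_from_string(raw_message)
    header_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    envelope_domain = parseaddr(msg.get("Return-Path", ""))[1].rpartition("@")[2]
    return header_domain, envelope_domain
```

The first entry returned by `received_chain` is the hop closest to the originating client, which is the one to correlate with the receiving server's log entry for that message id.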
Database forensics involves the study of databases and their related metadata for the purpose of collecting digital evidence.
Media and file system forensics deals with storage media, such as a hard drive, where digital evidence can be found, as well as the various file systems the medium may use, such as FAT32 and NTFS.
Operating system forensics is the process of retrieving useful information from the operating system (OS) of the computer or mobile device under investigation. Common operating systems include Windows, Linux, and Android.
Network forensics refers to investigations in which investigators monitor and analyze network traffic to detect intrusions and collect digital evidence.
Mobile phone data can be used as evidence in court, as happened during the recent murder trial of Scott Peterson and the rape scandal at Duke University. A mobile device has several locations where data can be stored, such as volatile and non-volatile memory, multimedia cards, and compact flash cards. While conducting a mobile device investigation, search and seizure procedures must be followed.
Virtual machines are widely used in organizations and are a common part of forensic investigations. Examiners must be familiar with the file extensions that indicate the presence of virtual machines. To examine a virtual machine, investigators first create an image of the host machine and then export the files associated with the virtual machine.