Why it is important to actively invastigate suspect
computers while they are on the network :-
- It is important to actively invastigate suspect
computers while they are on the network because computer network
has grown so the criminl or hackers have opportuninty for
electronic crime.
- And the attacker can commit these criminal activity through
online. Criminals can share the information and gather identity and
information of victims .
- The computer crime can be done through -- websites,
chat rooms, file sharing networks, e-mail.
- To actively invastigate suspect computers we need
report, and this report is developed by technical working
group for the investigation of crime which is related to
high technology.
- This investigation process include -- Forensic
examination of digital evidence, Internet and network
invastigation, Investigative use of technology, Electronic crime
investigation by first responder.
- While investigating the suspected computer, the investigator
should aware that the criminal may use the network for diiferent
reason -- sharing of information like documents,
photographs, sound files, movies, text and graphic files and the
software programs.
- The investigation of suspect computers allow controls on
suspected activity, social control, recognize and monitor
threats and prevent and investigate criminal
activity.
- This activity can be control using various programs
like - total information awareness program and the
technology which include high speed surveillance computers and
biomatrics softwares.
- Digital forensic -- In digital forensic the
researcher gather data about cybercrime then check the digital
system that were affected.
- This process invloves analyzation of network
connection, raw data, hard drives, file system, cahing devices and
RAM memory.
- The researchers look for fingerprints in the system
files, emails, web browsing history, network and service
logs.