Table of Contents
In the current globe of advancing technology, much information is being created, stored as well as distributed through electronic mediums. This needs many bureaus to enlarge the employment of digital data gathering as a standard or frequent instrument in their fight against crimes and other purposes. In this, the preparation phase of a digital search is the most important (Kim et al, 2011).
Simply stated, digital investigation needs digital evidence that is not existent by default and is often destroyed or damaged during average eradication, containment as well as restoration activities. Considerate preparation is capable of improving the availability and quality of digital proof brought together while reducing organizational expenditure as well as burden. This is compared to an association’s forensic promptness attitude (%u015Al%u0119zak et al, 2009). The preparation phase comprises of the steps used by firms to make the best use of digital facts accessibility in the maintenance of detection, deterrence, response, prosecution and investigation connected to computer protection occurrences. Preparation activities include:
- Appraise risk taking into account threats, vulnerabilities, exposure/loss and many others
- Build up an information maintenance strategy that is both pre/post occurrences
- Build up an event response strategy, taking in procedures, policies, human resources assignments as well as technical necessities description
- Extend technical means, for instance, response toolkits
- Instruct employees
- Set up network and host devices
- Build up data maintenance and management procedures
- Expand lawful activities management plan that is both pre/post-incident
Preparation activities have their focus on the victim association and not on one investigating, which is most probably disconnected from the victim either organizationally or functionally. Investigators have their focus on their preparation activities, on event reaction preparation, technical potential growth, instruction, and evidence maintenance handling process growth (Olivier & Shenoi, 2006). This process prevents the data from being manipulated or duplicated to a second user, thus preserving the first document.
Ways of Hiding Data
Data storage in computers, frequently known as memory, or storage, is a technology made up of computer parts and recording medium employed to preserve digital information. It is a core responsibility and basic constituent of computers (Yang et al, 2009).
Primary storage, also known as the main or internal memory, simply referred to as memory, is the only storage directly available to the Central Processing Unit. The Central Processing Unit constantly reads commands stored there as well as executing them as needed. Whichever information actively worked on is also kept there in a consistent manner (Shoemaker & Conklin, 2012). Data can be hidden in a magnetic storage media that uses diverse patterns of magnetization on a surface that is magnetically coated for storing information. The data is accessed through making use of one or more write/read heads that may have many recording transducers (Bosworth, 2009). A read or write head simply covers a section of the face the medium or the head or both can be moved next to one another so as to access data. Examples are magnetic tape, hard disk drive and floppy disk. Data is also hidden through an optical storage media, for instance an optical disc that is a round, non-volatile disc that keeps data in deformities on its surface. Examples are CD-ROM, BD-ROM, CD-R, DVD-R, CD-RW, and DVD-RW.
Data Detection Tools
Of late, as noted from Bosworth (2009), many novel algorithms have been wished-for in steganography as well as image cryptography with the objective of developing safety, efficiency and reliability. Steganography detection can be referred to as a method of telling if there are hidden messages concealed in pictures. The act of a steganalysis arrangement is mostly established by the way of feature removal as well as the designer choice of the classifier.