CYBER FORENSICS

MARCUS K. ROGERS

Purdue University, West Lafayette, Indiana

1 INTRODUCTION

The field of forensics or criminalistics in general has received a great deal of attention over the last few years. The popular media's obsession with anything forensic related has also resulted in increased attention by the scientific and information technology communities. The judiciary has also increased its scrutiny of the field, as judges and lawyers are struggling with the concept of digital or electronic evidence. The very nature of evidence has evolved from being primarily document based to being digital or electronic based. It has been estimated that in the next few years, 80% of all criminal investigations will contain digital evidence (DE). This prediction seems realistic as electronic documents have replaced paper documents in most business environments.

The media attention has also prompted many private sector consulting companies and academia to focus on this area of criminalistics. The introduction of these two communities to the field has resulted in some interesting challenges and uncovered various issues within the field. However, the private sector and academia have also been important factors in the rapid evolution that cyber forensics is currently undergoing.

The current article is divided into three main sections: scientific overview, critical needs analysis, and research directions. More explicitly, the article looks at the development of this new forensic discipline, ...