An analysis of computer forensic activities in data network

Thumbnail Image
Journal Title
Journal ISSN
Volume Title
Kampala International University, School of Computing and Information Technology
The report summarizes that in this Information Technology age, the needs of law enforcement are changing. Some traditional crimes, especially those concerning finance and commerce, continue to be upgraded technologically. Paper trails have become electronic trails. Crimes associated with the theft and manipulations of data are detected daily. According to the website w~~v.cyber an attack is defined as any kind of malicious activity targeted against computer system resources. including, but not limited to, a break-in (any unauthorized access), virus infestation, data or destruction, or distributed denial of service attacks. In addition, some suggest attackers are likely to strike in the midst of confusion that people expect with the arrival of the Year 2000 computer problem. Tribe and Trinoo also may be more powerful than previous programs of the same kind. The duo, which started appearing in recent months. are steps above what has happened before, according to Dave Dittrich, a computer security technician at the university of Washington who wrote analyses of the programs. When installed onto hundreds or thousands of computers, the programs simultaneously bombard a select point on the Internet. If the information from the attackers comes fast enough, the target computer freezer up. Flooding attacks such as Tribe and Trinco are examples of so-called denial of-service attacks. a method that’s been around as long as there have been networks to inundate. There is a critical need in the law enforcement community to ensure the reliability of computer forensic tools. The goal of the Computer Forensic Tool Testing (CFTT) project at the National Institute of Standards and Technology (NIST) is to establish a methodology for testing computer forensic software tools by development of general tool specifications, test procedures, test criteria, test sets. and test hardware. The results provide the information necessary for toolmakers to improve tools. for users to make informed choices about acquiring and using computer forensics tools. and (hr interested parties to understand the tools capabilities. A capability is required to ensure that forensic software tools consistently produce accurate and objective test results. Our approach for testing computer forensic tools is based on well-recognized international methodologies for conformance testing and quality testing. The researcher used interview, questionnaire~ observation and internet and reading materials in order to analyze, collect, and to gather evidence of criminal activity which is admissible in a court of law
Research report submitted to the School of Computer Studies in partial fulfillment for the requirements of the Award of a Diploma of Computer Science of Kampala International University
Computer Forensic, Data Network