| Computer forensics and intrusion forensics are rapidly becoming mainstream activities in an increasingly online society due to the ubiquity of computers and computer networks. We make daily use of computers either for communication or for personal or work transactions. From our desktops and laptops we access Web servers, e-mail servers, and network servers whether we know them or not; we also access business and government services, and then—unknowingly—we access a whole range of computers that are hidden at the heart of the embedded systems we use at home, at work and at play. While many new forms of illegal or anti-social behavior have opened up as a consequence of this ubiquity, it has simultaneously also served to provide vastly increased opportunities for locating electronic evidence of that behavior.
In our wired society, the infra-structure and wealth of nations and industries rely upon and are managed by a complex fabric of computer systems that are accessible by the ubiquitous user, but which are of uncertain quality when it comes to protecting the confidentiality, integrity, and availability of the information they store, process, and communicate. Government and industry have as a result focused attention on protecting our computer systems against illegal use and against intrusive activity in order to safeguard this fabric of our society. Computer and intrusion forensics are concerned with the investigation of crimes that have electronic evidence, and with the investigation of computer crime in both its manifestations—computer assisted crime and crimes against computers. |