| Computer forensics and intrusion forensics are rapidly becoming
mainstream activities in an increasingly online society due to the
ubiquity of computers and computer networks. We make daily use of
computers either for communication or for personal or work transactions.
From our desktops and laptops we access Web servers, e-mail servers, and
network servers whether we know them or not; we also access business and
government services, and then—unknowingly—we access a whole range of
computers that are hidden at the heart of the embedded systems we use at
home, at work and at play. While many new forms of illegal or anti-social
behavior have opened up as a consequence of this ubiquity, it has
simultaneously also served to provide vastly increased opportunities for
locating electronic evidence of that behavior.
In our wired society, the infra-structure and wealth of nations and
industries rely upon and are managed by a complex fabric of computer
systems that are accessible by the ubiquitous user, but which are of
uncertain quality when it comes to protecting the confidentiality, integrity,
and availability of the information they store, process, and communicate.
Government and industry have as a result focused attention on protecting
our computer systems against illegal use and against intrusive activity in
order to safeguard this fabric of our society. Computer and intrusion
forensics are concerned with the investigation of crimes that have electronic
evidence, and with the investigation of computer crime in both its
manifestations—computer assisted crime and crimes against computers. |
