Our Services - Digital Forensics

The widespread use of digital devices in daily life, for business and pleasure, has exposed us to security threats such as computer crimes, industrial espionage, employee misconduct and intellectual property (IP) theft. Digital devices are also used to facilitate malicious activities such as document falsification, illegal online gambling, pornography, homicide, extortion, kidnapping, embezzlement and so on. Statistics show that the digital evidence associated with crimes is increasing manifold each year.

Digital Forensics is commonly defined as the identification, collection and/or acquisition, preservation, analysis and presentation of digital evidence. Figure 1 below depicts the forensics methodology adopted by DFD when conducting digital forensics investigations and examinations.


Identification

Identification is the process of identifying potential evidence. It is a very important process: executed properly, it avoids collecting evidence that is not related to the case being investigated. It also avoids collecting unnecessary evidence, which increases the overhead of the analysis and investigation process.

Preservation

Digital evidence is very fragile. It can easily be altered, damaged or destroyed by improper handling, so maintaining its integrity is of the utmost importance and is a tall order in forensics investigation and examination. The forensics method used must be completely non-invasive. Preservation starts at the very beginning of the digital forensics methodology and continues until the case is tendered in court. A bit-stream image copy of the evidence must be made before the media is analyzed. A unique checksum of the content must be generated from the original evidence. This can be achieved by using cryptographic hashing algorithms such as MD5 and SHA-1. Chain of custody is also part of the preservation process and must not be broken at any time during the investigation until the case is summed up.
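The checksum and image-verification step described above, as an added example that is not DFD's own tooling. It hashes the original and its bit-stream image in a single read-only pass each, compares them, and appends the result to a custody log. The function names, the log format and the extra SHA-256 digest are assumptions made for this illustration; the sample data is constructed.

```python
import hashlib
import json
import os
import tempfile
from datetime import datetime, timezone

ALGORITHMS = ("md5", "sha1", "sha256")  # MD5/SHA-1 from the page; SHA-256 added
CHUNK = 1024 * 1024  # read in 1 MiB blocks so large images never sit in memory


def digest_stream(path, algorithms=ALGORITHMS):
    """Hash a file or image once, feeding every algorithm from the same read."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    size = 0
    with open(path, "rb") as fh:  # read-only: the evidence is never written to
        while chunk := fh.read(CHUNK):
            size += len(chunk)
            for h in hashers.values():
                h.update(chunk)
    return {"size": size, **{n: h.hexdigest() for n, h in hashers.items()}}


def verify_image(original, image, examiner, log_path):
    """Compare the image against the original and append a custody log entry."""
    src, dst = digest_stream(original), digest_stream(image)
    entry = {
        "utc": datetime.now(timezone.utc).isoformat(),
        "examiner": examiner,
        "original": {"path": original, **src},
        "image": {"path": image, **dst},
        "match": src == dst,  # size and every digest must agree
    }
    with open(log_path, "a", encoding="utf-8") as log:  # append-only record
        log.write(json.dumps(entry, sort_keys=True) + "\n")
    return entry


def demo():
    """Constructed sample: a 3 MiB 'disk', a faithful copy, and an altered copy."""
    with tempfile.TemporaryDirectory() as d:
        disk, good, bad, log = (os.path.join(d, n) for n in
                                ("disk.raw", "good.dd", "bad.dd", "custody.jsonl"))
        data = os.urandom(3 * CHUNK + 17)
        altered = data[:-1] + bytes([data[-1] ^ 1])  # flip one bit in the last byte
        for path, blob in ((disk, data), (good, data), (bad, altered)):
            with open(path, "wb") as fh:
                fh.write(blob)
        return (verify_image(disk, good, "analyst-01", log)["match"],
                verify_image(disk, bad, "analyst-01", log)["match"])
```

A single flipped bit in the copy changes every digest, so the second comparison in `demo()` reports a mismatch and the log records both outcomes.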

Collection and/or Acquisition

This is the very first critical stage of the entire digital forensics methodology, because what is collected or acquired here will be analyzed and investigated throughout the life span of the case. Utmost care must be taken at this stage to avoid contaminating the evidence. Preservation of the identified evidence starts right here, so using forensically sound tools helps preserve the evidence. Contaminated or tampered evidence will not be admitted in a court of law. Everything collected or acquired must be documented. The first responder needs to seek expert advice when deciding whether to collect or seize the whole evidence or to acquire just a portion of it. Expert advice needs to be sought as well when dealing with live systems.

Analysis

The purpose of this process is to discover and recover evidence related to the case being investigated. Data found to be related to the case is extracted, interpreted and subsequently put into a logical and useful format. The findings of this process will determine whether or not the suspect can be charged in a court of law. Because this stage is so critical, due care must be taken when analyzing the digital evidence. The integrity of the evidence must be maintained at all times by adhering to prudent preservation methods. Chain of custody must be maintained at all times too.

Reporting / Presentation

This is the final stage of the methodology, where the analyst is required to put together the findings in an understandable and presentable manner. The format of the report or presentation must suit the intended audience so that they can easily interpret the case analysis.

At the Digital Forensics Department (DFD), we have a dedicated and highly skilled team of digital forensics analysts who conduct digital forensics investigations and examinations. We specialize in various flavors of digital forensics, such as:

Computer Forensics
Mobile Phone / PDA Forensics
Embedded Device / Smart Card Forensics
Audio Forensics
Video Forensics
Internet / Web Forensics
Network Forensics
Data Recovery Services

Equipped with a Class 100 clean facility and a fire-rated evidence preservation facility, it is guaranteed that digital evidence under DFD's custody is protected and managed with a very high degree of care. We pledge that all the cases investigated and examined by DFD will be handled with the highest level of quality and confidence. To demonstrate our seriousness in this, DFD is in the process of getting accredited by the American Society of Crime Laboratory Directors / Laboratory Accreditation Board (ASCLD/LAB).
   
 
COPYRIGHT © 2012 - CYBERSECURITY MALAYSIA