Abstract
Digital Forensics focuses on the collection of evidence from the volatile and non-volatile memory of a computer based system, such as the hard disk and the RAM content. Needless to say, hard disk data are crucial in the investigation, but whether hard disk data collection is possible or not depends on the features of the case, and whether the forensics practitioners have a suitable legal permission. As nowadays the capacity of hard disks is increasing more and more, it takes a considerable amount of time to perform the imaging phase, and thus to deal with different steps in the chain of custody of the case. As a consequence, delaying the collection step in the investigation may have a detrimental effect on the progress of the investigation or may be a barrier to succeed in the investigation. Hence, we suggest an efficient methodology to collect evidence for dealing with data leak cases, by substantially reducing the collection time.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
