August 2004
National Institute of Standards and Technology (NIST)
New NIST guide helps book'em on digital evidenceCriminal investigators increasingly find that personal computers, handheld devices and even mobile phones contain pictures, e-mail and other data critical to the prosecution of cases. A new guide written by computer forensics experts under the direction of the Office of Law Enforcement Standards (OLES) at the National Institute of Standards and Technology (NIST) provides step-by-step instructions to assist investigators in locating digital evidence so that it stands up to scrutiny once cases are tried.
Forensic Examination of Digital Evidence: A Guide for Law Enforcement is the second guide published since NIST was asked in 1998 by the National Institute of Justice (NIJ) to work on computer forensics.
At the request of NIJ, NIST recently convened a panel of computer forensics experts that pooled their expertise to shape the content of the new guide. NIST staff then organized the information into an easily understood and highly usable document.
The guide provides practical techniques for extracting digital data without either inadvertently altering the information or making it appear that it has been altered. For example, one section describes the right type of search warrant to access the data. Another lesson explains how data must be extracted without changing "modified dates" or other record fields that may lead to charges of evidence tampering.
Other topics covered in the publication include securing digital evidence, hardware/software operating systems, physical access, internal or external storage devices, and the retrieval of configuration information.
The guide can be downloaded in ASCII text and Adobe Acrobat (pdf) format from the NIJ Web site. Go to www.ojp.usdoj.gov/nij/pubs.htm and enter publications number NCJ 199408 into the search engine.
| |
|