Blog
Multi-technology integration is the main direction of the future development of electronic evidence forensics equipment
Electronic material evidence is mainly realized by means of electronic forensics, including evidence acquisition, preservation, analysis and production of results and other processes, the process is complex and strict. Therefore, multi-technology integration will be the main direction of the future development of electronic evidence forensics equipment.
Electronic material evidence is mainly realized by means of electronic forensics, including evidence acquisition, preservation, analysis and production of results and other processes, the process is complex and strict. Therefore, multi-technology integration will be the main direction of the future development of electronic evidence forensics equipment.
1. Mirror copy
The basis of electronic evidence forensics is data extraction. Through mirror copy technology, the data in related storage media such as hard disk, U disk and mobile phone are copied as they are, and various analyses are carried out on this basis. Only by ensuring the originality of the data copy can the accuracy of the later analysis be ensured. This technology is relatively common. Data Compass data compass and Data Copy King hard disk data copy and copy detection integrated machine on the market all have this function.
2. Data Recovery
Data recovery is an important category of electronic evidence forensics technology, that is, through professional tools such as HD Doctor, Data Compass, Data Copy King, SDII-9000 server professional forensics equipment, Flash flash memory data recovery master, disk opener and other professional tools, emergency recovery is carried out for data loss caused by human reasons (deletion, formatting, virus invasion, etc.) and hardware reasons (defective storage medium with hardware failure of storage carrier), including the firmware-level repair of the computer does not recognize the defective hard disk, the high-speed mirroring and extraction of the defective medium and the material evidence hard disk with serious bad track in the lossless state, etc., is one of the core technologies of the underlying data forensics.
3, Data Analysis
In the process of electronic evidence forensics, in-depth analysis of massive data is an important link to draw conclusions. With the help of proprietary tools, investigators can search for different types of documents accurately and detect all kinds of traces. For example, "efficiency source smart phone professional forensics all-in-one SPF" is designed with functional modules such as "two-dimensional timeline", "call rule" and "behavior space-time analysis", which can intelligently analyze criminal mobile phone data, arrange all behaviors in chronological order, and clearly describe "someone communicates something in a certain way at a certain time and place". In the case that GPS is turned off, the activity track of the mobile phone in a certain period of time can be presented through the base station positioning, while for the mobile phone that cannot be obtained temporarily, the relevant information can be obtained by importing the criminal call list for analysis.
4. Fixation of evidence
In the process of obtaining, preserving, analyzing and presenting evidence on the basis of legal norms, the legitimacy and probative force of evidence must be guaranteed by means of "evidence fixation. In order to achieve this, electronic evidence forensics equipment should have a physical read-only function, always in a write-protected state, effectively avoid the data extraction and analysis process of the suspected target data tampering, in line with judicial forensics norms. In addition, the MD5 verification method should be provided to ensure the originality of the evidence.
To sum up, in order to ensure the effectiveness and timeliness of electronic physical evidence forensics, it is necessary to use comprehensive electronic physical evidence forensics equipment with comprehensive functions, integrating mirror copy, data recovery, data analysis, evidence fixation and its branch technologies, and making the cumbersome and complex forensics process clear, intelligent and convenient. Just like the high-tech equipment equipped with the "Efficiency Source Electronic Material Evidence Laboratory", the standard judicial evidence collection operation process is adopted, which integrates electronic material evidence pre-inspection, evidence solidification and verification, data extraction, data recovery, data analysis and electronic judicial report, and is easy to learn and use. It will maximize the efficiency of evidence collection and promote the development of electronic material evidence collection to integration and intelligence.
More news
Contact Us
Service Hotline
Telephone:020-83513401
Fax:020-83513401
After sales:400-613-1580
E-mail:sales@tyntec.cc
Website:www.tyen-ai.cn
Address: Room 3012, No. 316 Huanshi Middle Road, Yuexiu District, Guangzhou,Guangdong,China
Zip Code: 510095
WeChat Official Account
Links:
©2024 Guangzhou Tyen Electronic Technology Co., Ltd SEO