Monday, 13 January 2014

Automation In Computer Forensics

Automation. It's a word that is synonymous with Computer Forensics. It's a fantastic topic to debate and one which I find myself thinking about alot. What exactly is meant by automation? Is automation a good thing? Should we automate processes?

For my final year project at University, (after much deliberation) I decided to design and develop software. Initially I had wanted to research current anti-forensic techniques and look at how an examiner can look for and beat anti-forensic techniques; however, after countless hours of research, I found that the topic of automation kept popping up and the debate over whether Forensic software should be automated or not was on-going.

The issue with automation in Digital Forensics, according to some, is that a Forensic Examiner may become 'dumbed down' if he/she uses this type of software and that knowledge in the field could decrease because hey, who needs to know where to find things like a volume serial no. is in hex? Software converts it all for us! (Sarcasm.) Those arguing for automation, say that automation is good in terms of speed and numerous other positives. The opposition then state that speed may reduce quality. Reduced quality means that a case wont be as helpful in court and may even be thrown out. If the case is thrown out, your (bad) reputation may precede you later on down the road.

The argument is fascinating and one that divides people; in fact, that argument was the catalyst that pushed me into designing and developing scripts for my final year project because I wanted to know the answer, or at least investigate the issue in more depth. As the project evolves, i'm constantly asking myself whom I agree with more. It's a tough call and it wouldn't be wise to make a rushed decision, therefore I will conclude this post at a later date, with a final word on whether automation is a good, or bad thing in world of Digital Forensics. 

No comments:

Post a Comment