Friday, July 26, 2019

Malware Forensic Computing Assignment Example | Topics and Well Written Essays - 2500 words

Computer forensics, or cyber forensics, is a very important topic in information systems and network management. Forensics is the structured procedure of gathering, examining and presenting facts and evidence to a court of law, and thus forensic computing is defined as "the discipline that combines elements of law and computer science to collect and analyze data from computer systems, networks, wireless communications, and storage devices in a way that is admissible as evidence in a court of law" (US-CERT 2008). This involves seeking, locating and securing electronic data so as to provide evidence. This electronic or magnetically encoded data may include text messages, databases, pictures, e-mail, websites, spyware, malware, and so on. The evidence collected is strong and indisputable as compared to any other branch of forensic science because a copy that is made of the collected data is identical to the actual data and there is no room left for dispute. The whole concept revolves around the idea that a structured investigation is carried out to find out what exactly happened to the computer, when it happened, how it happened, and who did it. This is just like solving a murder case and performing a postmortem. The operator does not know that evidence is transparently being created and stored by the computer’s operating system, evidence that can only be extracted through computer forensics software tools and techniques. ... The crimes include misuse of computer systems, attack on computer systems, using a computer system to work against another system, failure of a computer system, and the list continues. Computer forensics security solutions focus not only on recovery but also on prevention of security threats in order to provide more secure solutions that are quicker and cheaper than the conventional techniques.
These solutions include intrusion detection system (IDS), internet security system, biometric security system, net privacy system, firewall set-ups, network disaster security system, identity theft prevention system, identity management security system, and so on (Vacca 2005: 146).

2.2. Malware Forensics

Malware is the malicious code that computer intruders use to carry out a cyber attack, and malware forensics is the set of forensic computing techniques that investigators use to detect and analyze this malicious code (Ligh et al. 2010). Since cyber attackers are becoming increasingly aware of computer forensics techniques, they are designing much more sophisticated malicious code that is at times hard to detect and analyze. Casey, Malin and Aquilina (2008) state that "By employing techniques that thwart reverse engineering, encode and conceal network traffic, and minimize the traces left on file system, malicious code developers are making both discovery and forensic analysis both difficult."

2.2.1. Types of Malware

The most common instances of malware are viruses, worms, Trojan horses, scareware, and exploits. Viruses get installed in computer files through email scams, websites, downloads, etc. Worms work the same way as viruses. Scareware is a malware that
