Cybercrime is called has really reached damaging levels. This includes breaking into a bank account through internet banking or the use of stolen debit cards, phishing, hacking accounts, identity theft and data theft.
This new branch is a new field slowly evolving from studies. The aim of this branch of computer science is to determine the modus operandi of the cyber thieves and not only bring them to book but to prevent such criminal acts in future, through proper software and of course legislation.
Forensic multimedia software and expert knowledge are mostly used to explain how the device has been tampered with, such as computer systems, storage media, electronic documents (eg email message or JPEG).
The scope of forensic analysis can vary from simple information retrieval to reconstruct the series of events. This branch has been defined as involving "the preservation, identification, extraction, documentation and interpretation of computer data".
Computer forensic methodology supported by the flexibility and extensive domain knowledge and often the culmination of hard work, intuitive observations and conclusions proved.
Through appropriate legislation, forensic evidence is subject to the usual requirements for digital evidence requires authentication information, obtained and received reliably.
computer forensic investigations usually follow a standard digital forensics process (acquisition, analysis and reporting).
Some of the techniques used for the forensic investigation of computers such as cross-drive analysis, analysis of computer files deleted, etc. Examination of the operating system using traditional forensic evidence or there is a sysadmin tool extracts. A common technique used in computer forensics is the recovery of deleted files.