Saturday, September 11, 2010

Digital Forensics Program Teaches Cybercrime Fighting Skills

Tech Times

 
Crime investigation is going digital in today's high-tech society, where devices from laptops to phones and even GPS units store digital paper trails. To retrieve and sort through the massive amounts of data stored on computers and other gadgets, companies, law enforcement and federal agencies are looking to digital forensics specialists for help.

TSTC is one of just two colleges in Texas offering an associate degree in the fast-growing field of Digital Forensics Technology (DIF). With its hands-on labs using industry-standard software and law classes, Senior Instructor Linda Shorter said DIF students are getting the skills agencies want in new hires.

"Companies and law enforcement are glad we're doing this training, because they need help with the imaging and analysis work. Around 95 percent of all crimes have something digital tied into them, whether its cell phones, PDAs or computers, everything you touch gets a record," Shorter said. "They need more people who know the software, and that's what we're teaching."

Shorter teaches students to use Forensic Toolkit (FTK), one of the top-of-the-line products used in the digital forensics industry. The FTK software can perform various searches on computers to pull up records of deleted files, log in information, e-mails sent and received and websites visited, etc. One of the first lessons students learn is that a file is not really deleted until it's written over.

"I've learned that people leave all kinds of data whenever they use computers," DIF student Eric Watson said. "Even with files on a flash drive, deleted files can be recovered. Cell phones too. These days cell phones are just small computers."

With the correct validation and proper handling, digital evidence can be used in criminal cases. The program's Department Chair Derek Smith said validation is critically important when it comes to digital forensics. That's why the program requires students to take classes in both criminal and cyber laws.

"You have to know the law when you're retrieving digital evidence, because without the proper validation, evidence could be thrown out," Smith said. "Hash values or numeric values authenticate the data from a computer to prove it hasn't been changed and that no tampering has occurred."

Because the program is new, it has yet to graduate its first student. However, Smith said interest in the program has increased each semester, especially with the added bonus of the faster dual degree track.

"One of things we've done to make our program appealing is to offer a dual major for network security and digital forensics. It's only seven semesters to get both forensics degrees because many of the classes overlap," Smith said. "The students are jumping all over that because they only have to stay two more semesters to get a second associate degree. It makes them more marketable when it comes to finding a job, too."

One such dual major student, Enrique Cervantes, said he hopes to find work as a network security specialist or a digital forensic analyst when he graduates because it's an exciting field to be in right now.

"With network security, you're protecting the network and your clients and with digital forensics you're uncovering digital secrets, and that's what caught my attention," Cervantes said. "So I started the DIF program last semester. Even though I've been in it the least amount of time, I'm more interested in this program than all the other computer fields I've studied."