School of Computer and Information Science, Edith Cowan University, Perth, Western Australia
The increase risk and incidence of computer misuse has raised awareness in public and private sectors of the need to develop defensive and offensives responses. Such increase in incidence of criminal, illegal and inappropriate computer behavior has resulted in organizations forming specialist teams to investigate these behaviors. There is now widespread recognition of the importance of specialised forensic computing investigation teams that are able to operate. Forensics analysis is the process of accurately documenting and interpreting information more precisely digital evidence for the presentation to an authoritative group and in most cases that group would be a court of law. At the level of practice these investigative skills extend beyond a methodological approach. The scope of this paper will compare the different methodologies and procedures in place for the gathering and acquisition of digital evidence and thus defining which model will be the most appropriate taxonomy for the electronic evidence in the computer forensics analysis phase.