Enhancement of Existing Tools and Techniques for Computer Forensic Investigation


Gouthami Velakanti, Aditya Katuri


Vol. 14  No. 12  pp. 74-77


Data retrieval is the most important part of computer Forensic investigation. Any data written on the hard disk can be retrieved by the investigators. For that the investigators use many tools to search the files, retrieve the files which are deleted, encrypted, hidden. There are many techniques used to hide. So, how these type of data is recovered? The file which is deleted by the person using ‘delete’ or from recycle bin are never lost permanently. The address of deleted file is marked as free space to be allocated for new file. The main area from which data can be retrieved is file slack. In this we discuss different tools and techniques of searching and retrieving the data and enhancements to the existing tools for better performance


File slack, livesearch, Index search, tools