Challenges Faced by Digital Forensics

The challenges faced by digital forensics can be classified into three categories:

• 1. Technical challenges
• 2. Legal challenges
• 3. Resource challenges

Technical Challenges

As technology develops, so do crimes and criminals. Type of technical challenges include:

• Encryption: It is used for ensuring the privacy of information by keeping it hidden from unauthorized users. Unfortunately, it can also be used by criminals to hide their crimes.
• Data hiding in storage space: Criminals usually hide chunks of data inside storage space in an invisible form by using system commands and programs.
• Covert Channel: A covert channel is a communication protocol that allows an attacker to bypass intrusion detection techniques and hide data over the network. The attacker uses it to conceal the connection between themselves and the compromised system.
• Other technical challenges: These include operating in the cloud, time to archive data, skill gap, and steganography.

Legal Challenges

The presentation of digital evidence is more difficult than its collection because there are many instances where the legal framework is inadequate and does not recognize every aspect of cyber forensics. Types of legal challenges include:

• Absence of guidelines and standards: In India, there are no proper guidelines for the collection and acquisition of digital evidence. The investigating agencies and forensic laboratories are working with their own guidelines, which can compromise the potential of digital evidence.
• Limitation of the Indian Evidence Act, 1872: The Act is silent on the method of collection of e-evidence and only focuses on the presentation of electronic evidence in court by accompanying a certificate. This means the procedure followed must be proved with a certificate.
• Other Legal Challenges: These include privacy issues, preservation of electronic devices, power of gathering digital evidence, admissibility in courts, and analyzing a running computer.

Resource Challenges

As the rate of crime increases, the amount of data also increases, placing a greater burden on digital forensic experts because digital evidence is more sensitive compared to physical evidence and can easily disappear. Types of resource challenges include:

• Change in technology: Due to rapid changes in technology, such as operating systems, application software, and hardware, reading digital evidence becomes more difficult. New versions of software may not be backward compatible, which affects legal proceedings.
• Volume and replication: The confidentiality, availability, and integrity of electronic documents can be easily manipulated. The increased ease of communication and availability of electronic documents raises the volume of data, creating difficulty in identifying original and relevant data.