Filtering of evidence helps to remove unnecessary junk information and retain useful data that is helpful in forensic digital investigations (Laykin, 2013). It also helps to save time and resources. In some cases, forensic investigators come across huge volumes of data including details that can be referred to as junk or unnecessary in the investigative process. When faced with such cases, it is always upon the investigators to create space that will only allow useful data to be used and discard all that is unnecessary (Laykin, 2013). Computer forensics tool filters are used to make work easier by holding data or information that is useful and letting go information that is redundant.
Keywords only filter information related to them. Using keywords alone leaves out a great deal of important pieces of evidence that when used in criminal investigation may convict the suspect. Digital filters are thus used alongside keyword searches to ensure that all the needed information is captured and used as evidence during digital investigations (Park, 2016). However, using keywords and filter tools during forensic investigations makes work easier and exhaustive because they combine to make the filtering process more effective. For this reasons, it is advisable that forensic investigators use both keyword search and filtering tool methods to make investigations thorough and exhaustive.
Other than filtering and use of keyword, computer forensic investigators could also use approximate matching to reduce the volume of data and information. Approximate matching relates the fingerprints to access specific information needed in computer forensic investigations (Park, 2016). This method saves on time and other resources that could be wasted if the investigators went through the enormous volume of data. Approximate matching can be used in Ubuntu, Windows 7, and Windows XP. Filtering techniques are great time and resource savers in digital investigations (Park, 2016). They speed up and enhance accuracy during forensic investigations.
- Laykin, E. (2013). Investigative computer forensics: The practical guide for lawyers, accountants, investigators, and business.
- Park, K. (2016). Advances in computer science and ubiquitous computing. Place of publication not identified: SPRINGER Verlag, SINGAPOR.