Abstract
D.Phil.(Computer Science)
We are living in an increasingly complex world in which much of society is dependent on technology
and its various offshoots and incarnations (Rogers & Siegfried, 2004). There is ample evidence of the
influence of technology on our daily lives. We communicate via e-mail, use chat groups to interact
and conduct business by using e-commerce. People relate each other’s existence to a presence on
Facebook.
The convergence of the products, systems and services of information technology is changing the
way of living. The latest smart and cell phones have cameras, applications, and access to social
networking sites. These phones contain sensitive information, for example photographs, e-mail,
spread sheets, documents, and presentations. The loss of a cell phone therefore may pose a serious
problem to an individual or an organisation, when considering privacy and intellectual property
issues from an information security (Info Sec) perspective (Pieterse, 2006). Organisations have accepted the protection of information and information assets as a fundamental
business requirement and managers are therefore implementing an increasing number of security
counter measures, such as security policies, intrusion detection systems, access control mechanisms, and anti-virus products to protect the information and information assets from potential threats.
However, incidents still occur, as no system is 100% secure. The incidents must be investigated to
determine their root cause and potentially to prosecute the perpetrators (Louwrens, von Solms,
Reeckie & Grobler, 2006b). Humankind has long been interested in the connection between cause and event, wishing to know
what happened, what went wrong and why it happened. The need for computer forensics emerged
when an increasing number of crimes were committed with the use of computers and the evidence
required was stored on the computer. In 1984, a Federal Bureau of Investigation (FBI) laboratory
began to examine computer evidence (Barayumureeba & Tushabe, 2004), and in 1991 the
international association of computer investigation specialists (IACIS) in Portland, Oregon coined the
term ‘computer forensics’ during a training session.