IT is playing an increasing role in investigations of cybercrime and traditional crime scenes.

Larry Greenemeier, Contributor

May 13, 2005


For crime-scene investigators around the world, information technology is becoming an invaluable tool for cracking tough cases. Whether these crime scenes are virtual or physical, law enforcement is learning to use data-replication devices, specialized search tools, and virtualization software to get the drop on the perpetrators.

On the virtual side, it's all about following the trail of "digital breadcrumbs" left behind by hackers, spammers, and other cybertroublemakers, says Mark Pollitt, president of Digital Evidence Professional Services Inc. and a former chief of the FBI Laboratory's Computer Analysis Response Team. CART provides assistance to FBI field offices in the search and seizure of computer evidence as well as forensic examinations and technical support for FBI investigations. The key to solving and prosecuting cybercrimes is collecting, preserving, and examining digital information, he adds.

This can be a challenge, particularly because the simple act of viewing data often changes that data, or at least the metadata surrounding it, Pollitt says. Another challenge can be sifting through copious amounts of data that resides on a suspect's hard drive in search of information that can be used as evidence.

One way to avoid damaging the integrity of data during investigations is to create a copy using hard-drive-duplication technology. One company that provides such technology, Logicube Inc., last month signed a sales and development partnership deal with AccessData Corp., a provider of software used for recovering passwords, viewing registry files, and wiping hard drives, among other things. The two companies are looking to develop devices that integrate their technologies.

image courtesy of SGI & The Italian State Police, Forensic Science Office



Computer forensics represents the future of law enforcement, particularly as crime-scene investigations broaden to include the digital domain. "Every case that comes out has a bigger and bigger data set," Pollitt says. Investigations into the 9/11 terrorist attacks alone yielded about 125 terabytes of data recovered from various sources, he adds. "If you talk to the FBI about the amount of data collected after 9/11, it was many times the volume of information contained within the Library of Congress."

Technology is also being brought to bear on more traditional crime scenes. A division within the Italian state police has for several years been using Silicon Graphics Inc. software and hardware to create detailed digital renderings of crime scenes that can be viewed as high-resolution images in a virtual-reality theater at their crime lab in Rome. The technology used to create the theater, which SGI refers to as a "virtual-reality center," consists of a Unix-based SGI Onyx 350 InfiniteReality4 graphics system computer running six Intel processors. This computer manages three Barco projectors, as well as the acoustic and stereoscopic systems. Images are displayed on an 18-by-7-foot screen.

The Italians are using the virtual-reality renderings to reenact crime scenes, which helps preserve the integrity of the scene; the reenactments can also be used to evaluate the reliability of a suspect's deposition. The SGI virtual-reality center can be used to reenact such crime-scene elements as a bullet trajectory, blood drops, and the position of a corpse.

SGI says several law-enforcement agencies in the United States have expressed interest in the virtual-reality center. Since the Italian state police began using its Onyx 350-based system in 1999, SGI has introduced a virtual-reality center that runs on the company's Linux-based Prism platform, which starts in the $50,000 range, says SGI marketing VP Greg Estes. Linux and other industry-standard components have helped drive the cost of high-performance systems down so they are more affordable to a greater range of law-enforcement agencies, from the federal to the local levels, he adds.

Not all users need to set up an entire virtual-reality theater to make use of the technology. SGI in April introduced an $8,500 desktop, called the Silicon Graphics Prism visualization system. The Prism has been used by companies to conduct seismic analysis for research in the oil and gas industries, as well as by scientists simulating drug interactions.

Other types of visualization technology are being used more proactively in homeland-security situations. The Massachusetts Port Authority last week said that it's using SiteIQ surveillance technology from VistaScape Security Systems to protect Logan International Airport and Massport maritime properties located in and around Boston Harbor. SiteIQ is a software platform designed to provide an integrated 3-D graphical display used to monitor activity across an entire area, based on input from surveillance cameras and other sensors. SiteIQ detects, tracks, and classifies objects onscreen and, if a security rule is violated, automatically alerts authorities with audible alarms and live video of the event.
