Welcome to Scribd!

0% found this document useful (0 votes)

88 views

Anti Forensics

Uploaded by

This document defines and discusses anti-forensics, which are tools and techniques that make forensic investigations difficult or impossible. It outlines several categories of anti-forensics including data hiding, artifact wiping, and trail obfuscation. While some see anti-forensics tools as malicious, others believe they can be used to improve digital forensic procedures and tools by highlighting deficiencies. Common anti-forensics techniques discussed are overwriting or destroying data, using disk sanitizers, encryption, steganography, and altering file headers or embedding files in other file types.

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Anti Forensics

Uploaded by

lekha555

0% found this document useful (0 votes)

88 views12 pages

Copyright

Available Formats

PPT, PDF, TXT or read online from Scribd

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Download as ppt, pdf, or txt

0% found this document useful (0 votes)

88 views12 pages

Anti Forensics

Uploaded by

lekha555

Copyright:

Attribution Non-Commercial (BY-NC)

Available Formats

Download as PPT, PDF, TXT or read online from Scribd

Download as ppt, pdf, or txt

Jump to Page

You are on page 1of 12

Search inside document

ANTI-FORENSICS

Definition: Anti-Forensics: tools and techniques that frustrate forensic tools,investigations and investigators.

Dr. Marc Rogers of Purdue University. Dr. Rogers uses a more traditional crime scene approach when defining anti-forensics.

Attempts to negatively affect the existence, amount and/or quality of evidence from a crime scene, or make the analysis and examination of evidence difficult or impossible to conduct.

SUB CATEGORIES:
Data Hiding Artifact Wiping Trail Obfuscation Attack against forensic tools and processes.

Purpose And Goals

Common conception: Anti-Forensics tools are malicious and intent. Others believe Anti-Forensics tools should be used to illustrate Deficiency in digital forensic procedures And in Digital forensics tools Forensics examiner education

Purpose And Goals

Avoiding detection Disrupting information collection Increasing the examiners time Casting doubt on a forensic report or testimony (Liu and Brown, 2006) Forcing a tool to reveal its presence

Traditional Anti-forensics Technique

Overwrite Or Destroying Data: Overwriting of data: Eliminate data or Metadata. Tools used: Washers,Timestamp Eliminators. Disk Sanitizers: Free space sanitizers Tools used: File Shredders

Data Hiding
Making data difficult to find. Limit identification and collection of evidence by investigators. Data Hiding tools: Encryption Steganography

Each data hiding methods makes difficult forensics examination difficult.

Different Data Hiding Techniques

Changing the file headers. Other Programs divide files up into small sections and hide each section at the end of each file. Files often have unused space called slack space and you can make use of this slack space for hiding data. Packers is program can insert executable files into other kind of files

Artifact Wiping
Permanently eliminating particular files or entire file system. This can accomplished through the use of variety of methods that include Disk Utilities File wiping Utilities.

Trail Obfuscation
To Confuse, disorientate and divert the forensic examination process. Variety of tools LogCleaners Spoofing Mis-infomartion

Counter Measures
Improve the Tools: Many computer forensics tools are poorly written. Save data where the attackers cant get at it Log Hosts CD-Rs Develop new Tools: Defeat encrypted files system with key loggers.

References
http://en.wikipedia.org/wiki/Anticomputer_forensics#Sub-categories http://www.usenix.org/publications/libr ary/proceedings/sec96/boneh.html http://www.simson.net/ref/2007/ICIW .pdf

Crime Scene Investigation and Reconstruction An Illustrated Manual and Field Guide
Document414 pages
Crime Scene Investigation and Reconstruction An Illustrated Manual and Field Guide
Alexandroiu Radu
No ratings yet
Basic CYBER Forensics
Document64 pages
Basic CYBER Forensics
Chirayu Aggarwal
No ratings yet
CMFF - Cellebrite Mobile Forensics Fundamentals 2019
Document4 pages
CMFF - Cellebrite Mobile Forensics Fundamentals 2019
dumkoliveira
No ratings yet
COLLECTION AND PRESERVATION OF DIGITAL & FORENSIC EVIDENCE by Peter at JTI May 2021
Document10 pages
COLLECTION AND PRESERVATION OF DIGITAL & FORENSIC EVIDENCE by Peter at JTI May 2021
Benjamin Mulingoki
No ratings yet
Systematic Digital Forensic Investigation Model
Document14 pages
Systematic Digital Forensic Investigation Model
Betara Indra
No ratings yet
Workshop: Tracking Adversary Infrastructure
Document52 pages
Workshop: Tracking Adversary Infrastructure
Eric Chan
100% (1)
DIGITALFORENSICS
Document4 pages
DIGITALFORENSICS
Anupam Kumar
40% (5)
Criminalistic S
Document83 pages
Criminalistic S
Che Elle
No ratings yet
A Critical Review of 7 Years of Mobile Device Forensics
Document27 pages
A Critical Review of 7 Years of Mobile Device Forensics
Liam Lam
No ratings yet
Ishaan Sinha: Cyber Crime Investigator & Author
Document2 pages
Ishaan Sinha: Cyber Crime Investigator & Author
ShalakaGhadigaonkar
100% (1)
CH 17 Document Examination S
Document45 pages
CH 17 Document Examination S
Jon Williams
No ratings yet
Anti Forensics
Document11 pages
Anti Forensics
Ai Adhi
No ratings yet
Anti Forensics and Defeating Antiforensic Measures
Document16 pages
Anti Forensics and Defeating Antiforensic Measures
Heer Lubana
100% (2)
Forensic Concept
Document15 pages
Forensic Concept
pratipalmadan
No ratings yet
Criminology and Forensic Science Paper I Content
Document5 pages
Criminology and Forensic Science Paper I Content
Devraj
No ratings yet
Digital Forensic Fundamentals
Document43 pages
Digital Forensic Fundamentals
Qomindawo
No ratings yet
Computer Forensic - Overview PT
Document40 pages
Computer Forensic - Overview PT
Jepra
No ratings yet
Cyber Law
Document20 pages
Cyber Law
Manish Kumar
No ratings yet
ACPO Good Practice Guide For Digital Evidence v5
Document43 pages
ACPO Good Practice Guide For Digital Evidence v5
th.diogos5361
No ratings yet
Digital Forensics A Complete Guide - 2020 Edition
From Everand
Digital Forensics A Complete Guide - 2020 Edition
Gerardus Blokdyk
No ratings yet
Final
Document6 pages
Final
Aditi
No ratings yet
Softwares Video Forense PDF
Document10 pages
Softwares Video Forense PDF
Jean Mortaza
No ratings yet
An Examination of Digital Forensic Models
Document12 pages
An Examination of Digital Forensic Models
James Williams
100% (1)
Digital Forensics Report
Document36 pages
Digital Forensics Report
ehtisham sadiq
No ratings yet
Lecture1-Introduction To Digital Forensics 2013
Document44 pages
Lecture1-Introduction To Digital Forensics 2013
museman92
No ratings yet
ACPO Guidelines Computer Evidence
Document72 pages
ACPO Guidelines Computer Evidence
James Williams
No ratings yet
Forensic Investigation On Whatsapp Web Using Framework Integrated Digital Forensic Investigation Framework Version 2
Document10 pages
Forensic Investigation On Whatsapp Web Using Framework Integrated Digital Forensic Investigation Framework Version 2
Th3 CKS
No ratings yet
CaseStudy UFED
Document4 pages
CaseStudy UFED
Stuff Newsroom
No ratings yet
Forensic Analysis of Ransomware Infected Windows Hard Disk A Case Study
Document4 pages
Forensic Analysis of Ransomware Infected Windows Hard Disk A Case Study
International Journal of Innovative Science and Research Technology
No ratings yet
CF Lecture 03-Digital Evidence and Forensic Investigation Process
Document41 pages
CF Lecture 03-Digital Evidence and Forensic Investigation Process
Faisal Shahzad
No ratings yet
FTK DataSheet - AccessData
Document2 pages
FTK DataSheet - AccessData
accessdata
No ratings yet
Introduction To Criminal Investigation Processes Practices and Thinking 1610493485. Print
Document203 pages
Introduction To Criminal Investigation Processes Practices and Thinking 1610493485. Print
Giovanni Rossi
No ratings yet
Digital Forensic in The Future
Document18 pages
Digital Forensic in The Future
Hayes John
No ratings yet
Basic CYBER Forensics
Document64 pages
Basic CYBER Forensics
TaikhumKothambawala
100% (1)
DOJ - Investigative Uses of Technology
Document169 pages
DOJ - Investigative Uses of Technology
Arthur Frost
100% (2)
LAB - Footprinting and Recon
Document6 pages
LAB - Footprinting and Recon
dakota dewolfe
No ratings yet
02 Reconnaissance Techniques
Document34 pages
02 Reconnaissance Techniques
Johnpatrick Dejesus
No ratings yet
Suicide or Homicide
Document6 pages
Suicide or Homicide
SHA
No ratings yet
C-DAC Cyber Forensics
Document29 pages
C-DAC Cyber Forensics
ramani144
No ratings yet
Eforensics 05 2014
Document67 pages
Eforensics 05 2014
Dejvid Vas
0% (2)
Smartphone Forensic Challenges
Document18 pages
Smartphone Forensic Challenges
AI Coordinator - CSC Journals
No ratings yet
Definition of Location Dependent Query Processing
Document4 pages
Definition of Location Dependent Query Processing
ramniwas_manjhu
100% (1)
Computer Forensics
Document12 pages
Computer Forensics
Harikrishnan Jayan
No ratings yet
Crime Scene Investigation (Muder)
Document6 pages
Crime Scene Investigation (Muder)
Dhaval Chudasama
No ratings yet
EF FS EnCase Forensic Imager Webready
Document1 page
EF FS EnCase Forensic Imager Webready
Mirela Beatriz
No ratings yet
Current - Syllabus - 0112301 - Cyber Security Law and Policy
Document5 pages
Current - Syllabus - 0112301 - Cyber Security Law and Policy
Maryam
No ratings yet
Law Enforcement Challenges in Digital Forensics
Document44 pages
Law Enforcement Challenges in Digital Forensics
blkjack2u
100% (1)
Digital Forensics
Document103 pages
Digital Forensics
Rohith Vava
No ratings yet
Open Source Investigation of Detention in Tibet
Document211 pages
Open Source Investigation of Detention in Tibet
Brigada Osint
No ratings yet
Bluetooth Technology: Mobile Computing
Document12 pages
Bluetooth Technology: Mobile Computing
rws1000
No ratings yet
Crimes Cene Investigation and Evidence Collection PDF
Document8 pages
Crimes Cene Investigation and Evidence Collection PDF
Darwin Zanata
No ratings yet
Research Article Forensic Analysis of Social Networking Applications On An Android Smartphone
Document36 pages
Research Article Forensic Analysis of Social Networking Applications On An Android Smartphone
Rakib Ahmed
No ratings yet
Malware Analysis: Digital Forensics, Cybersecurity, And Incident Response
From Everand
Malware Analysis: Digital Forensics, Cybersecurity, And Incident Response
Rob Botwright
No ratings yet
Computer Forensics
Document18 pages
Computer Forensics
Prasanna Garine
No ratings yet
DigitalForensics Introduction
Document19 pages
DigitalForensics Introduction
Mahadev Thukaram
No ratings yet
Fingerprint Forensics in Crime Scene: A Computer Science Approach
Document25 pages
Fingerprint Forensics in Crime Scene: A Computer Science Approach
Jerico Flores
No ratings yet
Forensic Tools in Comparison: An Assessment of Performance Across Different Parameters
Document7 pages
Forensic Tools in Comparison: An Assessment of Performance Across Different Parameters
International Journal of Innovative Science and Research Technology
No ratings yet
590 WK
Document17 pages
590 WK
api-651266391
No ratings yet
Digital Forensics Framework A Complete Guide
From Everand
Digital Forensics Framework A Complete Guide
Gerardus Blokdyk
No ratings yet
Android Digital Forensics - Simplifying Android Forensics Using Regular Expressions
Document7 pages
Android Digital Forensics - Simplifying Android Forensics Using Regular Expressions
YorkIsMine
No ratings yet