论文信息 - Anti-Forensics and the Digital Investigator

Anti-Forensics and the Digital Investigator

Viewed generically, anti-forensics (AF) is that set of tactics and measures taken by someone who wants to thwart the digital investigation process. This paper describes some of the many AF tools and methods, under the broad classifications of data hiding, artefact wiping, trail obfuscation, and attacks on the forensics tools themselves. The concept of AF is neither new nor solely intended to be used by the criminal class; it also has legitimate use by those who wish to protect their privacy. This paper also introduces the concept of time-sensitive antiforensics, noting that AF procedures might be employed for the sole purpose of delaying rather than totally preventing the discovery of digital information.

Gary C. Kessler | G. Kessler

[1] R. Jones,et al. Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet , 2003, Int. J. Law Inf. Technol..

[2] Jill Slay,et al. Identifying Non-Volatile Data Storage Areas: Unique Notebook Identification Information as Digital Evidence , 2007, J. Digit. Forensics Secur. Law.

[3] G. Kessler. Denial‐of‐Service Attacks , 2009 .

[4] Kamran Ahsan,et al. Covert Channel Analysis and Data Hiding in TCP/IP , 2002 .

[5] David Llamas. Covert channel analysis and data hiding in tcp/ip. , 2004 .

[6] Eric Van Buskirk,et al. Digital Evidence: Challenging the Presumption of Reliability , 2006, J. Digit. Forensic Pract..

[7] Winn Schwartau,et al. Time Based Security , 1999 .

[8] Michael A. Caloyannides. Computer Forensics and Privacy , 2001 .

[9] Chris Palmer,et al. Breaking Forensics Software: Weaknesses in Critical Evidence Collection , 2007 .

[10] Ryan Harris,et al. Arriving at an anti-forensics consensus: Examining how to define and control the anti-forensics problem , 2006, Digit. Investig..

[11] Craig H. Rowland,et al. Covert Channels in the TCP/IP Protocol Suite , 1997, First Monday.

[12] Lorrie Faith Cranor,et al. Scrubbing Stubborn Data: An Evaluation of Counter-Forensic Privacy Tools , 2006, IEEE Security & Privacy.

[13] Gary C. Kessler,et al. An Overview of Steganography for the Computer Forensics Examiner , 2004 .