48,804 research outputs found

    Taxonomy for Anti-Forensics Techniques & Countermeasures

    Computer Forensic Tools are used by forensics investigators to analyze evidence from the seized devices collected at a crime scene or from a person, in such ways that the results or findings can be used in a court of law. These computer forensic tools are very important and useful as they help the law enforcement personnel to solve crimes. Computer criminals are now aware of the forensics tools used; therefore, they use countermeasure techniques to efficiently obstruct the investigation processes. By doing so, they make it difficult or almost impossible for investigators to uncover the evidence. These techniques, used against the computer forensics processes, are called Anti-forensics. This paper describes some of the many anti-forensics methods, techniques and tools using a taxonomy. The taxonomy classifies anti-forensics into different levels and different categories: WHERE, WHICH, WHAT, and HOW. The WHERE level indicates where anti-forensics can occur during an investigation. The WHICH level indicates which anti-forensics techniques exist. The WHAT level defines the exact method used for each technique. Finally, the HOW level indicates the tools used. Additionally, some countermeasures were proposed

    Digital Anti-Forensics: An Implementation and Examination

    The rise of computer use and technical adeptness by the general public in the last two decades are undeniable. With greater use comes a greater possibility for misuse, evidenced by today’s incredible number of crimes involving computers as well as the growth in severity from that of cyber hooliganism to cyber warfare. Although frequently utilized for privacy and security purposes, the vast range of anti-forensic techniques has contributed to the ability for hackers and criminals to obstruct computer forensic investigations. Understanding how anti-forensics may alter important and relevant data on an electronic device will prove useful for the success and continued advancement of computer forensic investigations. This paper will amalgamate the academic literature on anti-forensics as well as test four of the most accessible anti-forensic tools available online to reveal at what degree they confound traditional computer forensic tools and techniques. Strategies for detecting and mitigating the effects of anti-forensic efforts will be put forth to help inform the future of computer forensic investigative techniques

    Smartphone Forensic Challenges

    Article originally published in International Journal of Computer Science and Security. Globally, the extensive use of smartphone devices has led to an increase in storage and transmission of enormous volumes of data that could potentially be used as digital evidence in a forensic investigation. Digital evidence can sometimes be difficult to extract from these devices given the various versions and models of smartphone devices in the market. Forensic analysis of smartphones to extract digital evidence can be carried out in many ways; however, prior knowledge of smartphone forensic tools is paramount to a successful forensic investigation. In this paper, the authors outline challenges, limitations and reliability issues faced when using smartphone device forensic tools and accompanying forensic techniques. The main objective of this paper is intended to be consciousness-raising rather than suggesting best practices for these forensic work challenges

    A Proposed Model of Digital Forensic on Cloud Computing Security Infrastructure

    Over the past decades, practitioners and researchers have made remarkable achievements in digital forensic. The abilities to conquer major technical obstacles are bestowing practitioners greater access to digital evidence. Sophisticated forensic techniques and tools are being developed to assist forensic acquisition and extraction of volatile data, inspection of remote repositories system and analysis of network traffic. Computer forensic is a comprehensive work that based on several attributes that are : objectivity, relevance and legitimacy to compose a system model that projected to be an electronic evidence forensic system. Latest studies show that the rapid growing of cloud computing facilities usage that has enable various improvements as part of the innovation process at organisations. Information systems are in frequently exposed to various types of threats which able to trigger different types of bad consequences as more and more information stored, problems arise especially about security information technology risk aspects. Keywords—computer forensic, cloud computing, electronic evidence forensic system, security, information technology risk, information syste

    Memory-Based antiforensic tools and techniques

    Computer forensics is the discipline that deals with the acquisition, investigation, preservation, and presentation of digital evidence in the court of law. Whereas antiforensics is the terminology used to describe malicious activities deployed to delete, alter, or hide digital evidence with the main objective of manipulating, destroying, and preventing the creation of evidence. Various antiforensic methodologies and tools can be used to interfere with digital evidence and computer forensic tools. However, memory-based antiforensic techniques are of particular interest because of their effectiveness, advanced manipulation of digital evidence, and attack on computer forensic tools. These techniques are mainly performed in volatile memory using advanced data alteration and hiding techniques. For these reasons memory-based antiforensic techniques are considered to be unbeatable. This article aims to present some of the current antiforensic approaches and in particular reports on memory-based antiforensic tools and techniques

    Forensic Analysis of Communication Tools

    This paper deals with techniques and procedures of forensic analysis with a focus on internet communication. Part of this work is a comparison of existing applications for forensic analysis of communication tools, and the design and implementation of its own application. The created application enables obtaining and filtering selected computer data for later analysis.

    Data mining Techniques for Digital Forensic Analysis

    The computer forensic involve the protection, classification, taking out information and documents the evidence stored as data or magnetically encoded information. But the organizations have an increasing amount of data from many sources like computing peripherals, personal digital assistants (PDA), consumer electronic devices, computer systems, networking equipment and various types of media, among other sources. To find similar kinds of evidences, crimes happened previously, the law enforcement officers, police forces and detective agencies is time consuming and headache. The main motive of this work is by combining a data mining techniques with computer forensic tools to get the data ready for analysis, find crime patterns, understand the mind of the criminal, assist investigation agencies have to be one step ahead of the bad guys, to speed up the process of solving crimes and carry out computer forensics analyses for criminal affairs

    Steganalysis in computer forensics

    Steganography deals with secrecy and covert communication, and today the techniques for countering this in the context of computer forensics have somewhat fallen behind. This paper will discuss how steganography is used for information hiding and its implications on computer forensics. While this paper is not about recovering hidden information, tools that are used for both steganography and steganalysis are evaluated, and it identifies the shortcomings that the forensic analysts would face. In doing so this paper urges on what the stakeholders in the field of computer forensics need to do to keep ahead of criminals who are using such techniques to their advantage and obscure their criminal activities

    A Survey On Various Methods To Detect Forgery And Computer Crime In Transaction Database

    Abstract: A computer forensic method can be used for detecting the different types of forgeries and computer crime. Forgeries and computer crime are the most major concern of the digital world. Lots of techniques and methods have been used to find a proper solution to these problems. Nowadays, digital forensics are an important topic for research articles. In this paper a general survey has been carried out for different methods used in computer forensics to track the evidences which can be useful for detecting the computer crime and forgery. Forensic tools can be used for making any changes to data or tampering of data. Different rules sets or methods are defined to detect the various errors regarding the changes and the tampering of the data in different windows file system. Digital evidence can also be used to detect forgery or computer crime

    Steganalysis in computer forenics

    Steganography deals with secrecy and covert communication, and today the techniques for countering this in the context of computer forensics have somewhat fallen behind. This paper will discuss how steganography is used for information hiding and its implications on computer forensics. While this paper is not about recovering hidden information, tools that are used for both steganography and steganalysis are evaluated, and it identifies the shortcomings that the forensic analysts would face. In doing so this paper urges on what the stakeholders in the field of computer forensics need to do to keep ahead of criminals who are using such techniques to their advantage and obscure their criminal activities