SocialStegDisc: Application of steganography in social networks to create a file system

The concept named SocialStegDisc was introduced as an application of the original idea of StegHash method. This new kind of mass-storage was characterized by unlimited space. The design also attempted to improve the operation of StegHash by trade-off between memory requirements and computation time. Applying the mechanism of linked list provided the set of operations on files: creation, reading, deletion and modification. Features, limitations and opportunities were discussed.Comment: 5 pages, 5 figure

Methods for Information Hiding in Open Social Networks

This paper summarizes research on methods for information hiding in Open Social Networks. The first contribution is the idea of StegHash, which is based on the use of hashtags in various open social networks to connect multimedia files (such as images, movies, songs) with embedded hidden data. The proof of concept was implemented and tested using a few social media services. The experiments confirmed the initial idea. Next, SocialStegDisc was designed as an application of the StegHash method by combining it with the theory of filesystems. SocialStegDisc provides the basic set of operations for files, such as creation, reading or deletion, by implementing the mechanism of a linked list. It establishes a new kind of mass-storage characterized by unlimited data space, but limited address space where the limitation is the number of the hashtags' unique permutations. The operations of the original StegHash method were optimized by trade-offs between the memory requirements and computation time. Features and limitations were identified and discussed. The proposed system broadens research on a completely new area of threats in social networks

Forensic Analysis in Linux OS

Práce se zabývá rozborem možností forenzní analýzy při vyšetřování na operačních systémech Linux. Použitím distribuce BackTrack a obsažených nástrojů je provedeno forenzní vyšetřování na testovací instalaci operačního systému Xubuntu. Práce je rozdělena do kapitol, kde postupně popisuje základy operačního systému Linux, přes požadavky kladené na vyšetřovatele a jeho vybavení až k seznámení s nástroji používanými na analýzu. Všechny porovnávané nástroje jsou volně dostupné a svou velikostí sahají od jednoduchých nástrojů až po komplexní prostředí. Teoretické poznatky jsou aplikovány na reálný systém, kde je ukázáno použití analyzovaných nástrojů. Práce je zakončena shrnutím nálezů vyšetřování do forenzního posudku.This thesis deals with possibilities of forensic analysis on Linux operating system investigation. Forensic investigation is performed on test installation of Xubuntu using BackTrack distribution and tools included on it. The thesis is divided into chapters, starting with operating system Linux basics, continuing with requirements for investigator and his equipment to tools used for analysis. All discussed tools are available for free, their size vary from simple and small tools to complex frameworks. Theoretical knowledge is applied to real system and usage of tools is shown. This thesis ends with forensic report, which summarizes all findings gathered during investigation.

An Evaluation of Forensic Tools for Linux : Emphasizing EnCase and PyFlag

Denne masteroppgaven gir en vurdering og sammenligning av flere datakriminaltekniske verktøy, med et spesielt fokus på to spesifikke verktøy. Det første kalles EnCase Forensics og er et kommersielt tilgjengelig verktøy som blir benyttet av politi og myndigheter flere steder i verden. Det andre kalles PyFlag og er et open source alternativ som ble benyttet i det vinnende bidraget til Digital Forensics Research Workshop (DFRWS) i 2008. Selv om verktøyene blir evaluert i sin helhet, vil hovedfokuset ligge på viktig søkefunksjonalitet. Tatt i betraktning at mesteparten av forskningen innen området er basert på Microsoft Windows plattformen, mens mindre forskning har blitt utført angående analyse av Linux systemer, så undersøker vi disse verktøyene hovedsakelig i et Linux miljø. Med disse verktøyene utfører vi datakriminalteknisk utvinning og analyse av realistiske data. I tillegg benyttes et verktøy med navn dd, for å utvinne data fra Linux. Denne masteroppgaven inneholder spesifiserte testprosedyrer, problemer vi støtte på under selve testingen, og de endelige resultatene