Electronic crime is very difficult to investigate and prosecute, mainly
due to the fact that investigators have to build their cases based on artefacts left
on computer systems. Nowadays, computer criminals are aware of computer forensics
methods and techniques and try to use countermeasure techniques to efficiently
impede the investigation processes. In many cases investigation with
such countermeasure techniques in place appears to be too expensive, or too
time consuming to carry out. Often a case can end up being abandoned and investigators
are left with a sense of personal defeat. The methodologies used
against the computer forensics processes are collectively called Anti-Forensics.
This paper explores the anti forensics problem in various stages of computer forensic
investigation from both a theoretical and practical point of view