Anti-forensics: Furthering digital forensic science through a new extended, granular taxonomy

Cited by: 42
Authors
Conlan, Kevin [1]
Baggili, Ibrahim [1]
Breitinger, Frank [1]
Affiliation
[1] Univ New Haven, ECECS, Tagliatela Coll Engn, Cyber Forens Res & Educ Grp, 300 Boston Post Rd, West Haven, CT 06516 USA
Keywords
Anti-forensics; Computer crime; Digital forensics; Categorical data set; Anti-digital forensics; Anti-forensics taxonomy; Formalizing digital forensics;
DOI
10.1016/j.diin.2016.04.006
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812 ;
Abstract
Anti-forensic tools, techniques and methods are becoming a formidable obstacle for the digital forensic community. Thus, new research initiatives and strategies must be formulated to address this growing problem. In this work we first collect and categorize 308 anti-digital forensic tools to survey the field. We then devise an extended anti-forensic taxonomy to the one proposed by Rogers (2006) in order to create a more comprehensive taxonomy and facilitate linguistic standardization. Our work also takes into consideration anti-forensic activity which utilizes tools that were not originally designed for anti-forensic purposes, but can still be used with malicious intent. This category was labeled as Possible indications of anti-forensic activity, as certain software, scenarios, and digital artifacts could indicate anti-forensic activity on a system. We also publicly share our data sets, which include categorical data on 308 collected anti-forensic tools, as well as 2780 unique hash values related to the installation files of 191 publicly available anti-forensic tools. As part of our analysis, the collected hash set was run against the National Institute of Standards and Technology's 2016 National Software Reference Library, and only 423 matches were found out of the 2780 hashes. Our findings indicate a need for future endeavors in creating and maintaining exhaustive anti-forensic hash data sets. (C) 2016 The Author(s). Published by Elsevier Ltd.
Pages: S66 / S75
Page count: 10
Related papers
36 in total
  • [1] Anti-Forensics of Digital Image Compression
    Stamm, Matthew C.
    Liu, K. J. Ray
    [J]. IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2011, 6 (03) : 1050 - 1065
  • [2] Bibliography of digital image anti-forensics and anti-anti-forensics techniques
    Qureshi, Muhammad Ali
    El-Alfy, El-Sayed M.
    [J]. IET IMAGE PROCESSING, 2019, 13 (11) : 1811 - 1823
  • [3] A tour through the realm of anti-forensics
    Forte, Dario
    Power, Richard
    [J]. Computer Fraud and Security, 2007, 2007 (06) : 18 - 20
  • [4] Anti-Forensics: The Next Step in Digital Forensics Tool Testing
    Wundram, Martin
    Freiling, Felix C.
    Moch, Christian
    [J]. 2013 SEVENTH INTERNATIONAL CONFERENCE ON IT SECURITY INCIDENT MANAGEMENT AND IT FORENSICS (IMF 2013), 2013, : 83 - 97
  • [5] Anti-Forensics of Contrast Enhancement in Digital Images
    Cao, Gang
    Zhao, Yao
    Ni, Rongrong
    Tian, Huawei
    [J]. MM&SEC 2010: 2010 ACM SIGMM MULTIMEDIA AND SECURITY WORKSHOP, PROCEEDINGS, 2010, : 25 - 34
  • [6] Android anti-forensics through a local paradigm
    Distefano, Alessandro
    Me, Gianluigi
    Pace, Francesco
    [J]. DIGITAL INVESTIGATION, 2010, 7 : S83 - S94
  • [7] Computer Anti-forensics Methods and Their Impact on Computer Forensic Investigation
    Pajek, Przemyslaw
    Pimenidis, Elias
    [J]. GLOBAL SECURITY, SAFETY, AND SUSTAINABILITY, PROCEEDINGS, 2009, 45 : 145 - 155
  • [8] Applying traditional forensic taxonomy to digital forensics
    Pollitt, Mark
    [J]. ADVANCES IN DIGITAL FORENSICS IV, 2008, 285 : 17 - 26
  • [9] Understanding digital image anti-forensics: an analytical review
    Taneja, Neeti
    Bramhe, Vijendra Singh
    Bhardwaj, Dinesh
    Taneja, Ashu
    [J]. MULTIMEDIA TOOLS AND APPLICATIONS, 2024, 83 (04) : 10445 - 10466
  • [10] Understanding digital image anti-forensics: an analytical review
    Neeti Taneja
    Vijendra Singh Bramhe
    Dinesh Bhardwaj
    Ashu Taneja
    [J]. Multimedia Tools and Applications, 2024, 83 : 10445 - 10466