Digital Forensics Report: Anti-Forensics and Data Recovery Methods

Verified

Added on 2022/09/09

AI Summary

This report delves into the realm of digital forensics, focusing on anti-forensic techniques used to hinder investigations. The student explores various methods of data hiding, including altering file headers, splitting files, utilizing slack space, encryption, and steganography. The report highlights the challenges these techniques pose to investigators and discusses tools like Xiao Steganography and Steghide. The author emphasizes the importance of careful data retrieval and the need for IT professional consultation in complex cases. Furthermore, the report touches upon incident response, emphasizing the need for preparedness, technical knowledge, and coordination. The student concludes by underscoring the critical need for investigators to remain vigilant and adapt to evolving anti-forensic practices. The report also briefly touches on the importance of incident response, business continuity, and disaster recovery in the context of digital forensics.

Running head: DIGITAL FORENSICS
DIGITAL FORENSICS
Name of the Student
Name of the University
Author Note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1DIGITAL FORENSICS
Explanation of Method
Anti forensics is a nightmare to the forensic investigators. I have learnt that there are
programmers that design the tools of anti-forensics to make it complicated for the
investigators to obtain information from the digital media. I have learnt that anti-forensics
refers to any method, software or any designed that is designed in order to hinder a forensic
investigation. I have known that there are various ways that people can hide information.
There are programs that can be fool a computer by altering the information in the headers of
files.
Critical Evaluation
I have studied earlier that a header of files is invisible to humans but is very essential.
It tells the computer the type of file the header is attached to (Kim et al 2017). I have known
that if a file is renamed to another extension then the signature of the file will still be that file.
Investigators should look for particular formats of files when they are investigating a case. I
have learnt that there are other programs that can split files into very small sections and then
hide the split files. I have studies about the slack space that the criminal can take advantage.
There are files that have spaces those are unused are called slack space. The criminal can hide
files by using the slack space with the correct program. I have studies that it becomes very
complex for the investigators to retrieve these kinds of files.
Conclusion based on Personal Experience
There are various ways by which data can be hidden by the criminal. I have studied
about encryption and steganography as the most common way to hide files. Encryption is
way to hide the sensitive data. When the criminal encrypts files, I have studies that they
utilise complicated sequence of rules in order to make the data unreadable. I have learnt that

2DIGITAL FORENSICS
the investigators cannot open the files without the key or they have to use programs in order
to crack the password and retrieve the information. I have learnt about another method known
as the Steganography (Kang et al 2016). Steganography is the referred to as the art of hiding
the important information in digital forensics. I have learnt about various tools those are used
for steganography. The tools that I have learnt include Xiao Steganography and Steghide. I
have studied that Xiao Steganography is a hybrid tool that permit the end users to conceal the
files within audio or image files. I have also studies that Steghide is an open-source that is
able to conceal data in audio or image files. I have also learnt that the tools of anti-forensics
can alter the metadata that is attached to various files (Göbel and Baier 2018). Metadata
consists of various information like the creation of files and the alteration of files. I have
studies that when an investigator tries to access the system forcefully, the files can be deleted.
Therefore, I think that the investigators must be careful when retrieving data from the digital
media. From here, I have concluded that the investigators must be careful when they come
across these conditions. They should consult an IT professional when a computer is encrypted
or hidden using Steganography. Therefore, Anti-forensics can hinder the investigation of a
case and I think that the investigators should be careful during the retrieval of the evidences
as any mistake can delete the data.

3DIGITAL FORENSICS
References
Göbel, T. and Baier, H., 2018. Anti-forensics in ext4: On secrecy and usability of timestamp-
based data hiding. Digital Investigation, 24, pp.S111-S120.
Kang, X., Liu, J., Liu, H. and Wang, Z.J., 2016. Forensics and counter anti-forensics of video
inter-frame forgery. Multimedia Tools and Applications, 75(21), pp.13833-13853.
Kim, D., Jang, H.U., Mun, S.M., Choi, S. and Lee, H.K., 2017. Median filtered image
restoration and anti-forensics using adversarial networks. IEEE Signal Processing
Letters, 25(2), pp.278-282.