Digital Forensics Assignment: Disk Imaging and Steganography in Linux

Verified

Added on 2020/02/24

AI Summary

This digital forensics assignment provides a comprehensive overview of two key areas: disk imaging and steganography. The first task focuses on collecting a disk image from a Linux-based computer at a crime scene using the 'dd' command, highlighting the necessary hardware and software requirements, including external storage and a Linux Live CD. The second task delves into steganography, exploring how to hide secret messages within graphic files, such as images or videos, using the 'steghide' tool in Kali Linux. The process involves installing the software, creating a text file with the hidden message, embedding the message into an image file, and retrieving the embedded message. The assignment emphasizes the importance of these techniques in digital investigations, offering practical insights into evidence collection and data concealment.

Running head: DIGITAL FORENSICS
Digital Forensics
Name of the Student:
Name of the University:
Author Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1DIGITAL FORENSICS
Task 2
The assignment serves the purpose of providing an overview on some of the software
and hardware that can be used to collect the disk image of a Linux based computer from the
crime scene that cannot be removed from the scene. Many tools can be found in the market,
both open sourced and licensed that helps in digital forensic works. The main method is to
use Linux Live CD that has an operating system of its own and can be used to gather disk
image from the computer at a crime scene, which cannot be removed from the scene (Nelson,
Phillips & Steuart, 2014). However, Linux Operating System is often equipped with in built
tools that help in the digital forensic jobs as well.
The hardware requirement for collecting disk image is an external hard drive or an
external storage device that has the required storage space to load the disk image that has
been retrieved from the computer (Quick & Choo, 2016).
The software requirement is met by using a digital forensic tool, some basic
knowledge on the modification of the BIOS setup of the computer if necessary and knowhow
of using shell commands within the computer. In this case, the Linux dd is considered as a
tool to retrieve the disk image from the Linux computer (Rafique & Khan, 2013).
Linux dd – This tool is preloaded in most latest Linux operating systems like Ubuntu and
Fedora. The tool serves the purpose of creating a drive image from the Linux based computer
or forensically wiping a drive. To operate a dd, a command prompt window is required to be
opened where the term dd is entered along with a set of command parameters depending on
the task that is required to be performed. In this case, the dd will be used to collect the drive
image from the Linux based computer (Sindhu & Meshram, 2012). The common dd syntax
for the creation of a forensic image of a drive is as given below:

2DIGITAL FORENSICS
dd if=/dev/sdb1 of=/home/andrew/newimage.dd bs=512 conv=noerror,sync
where if = input file or drive, of = output file, bs = byte size, conv = conversion options
(Sindhu & Meshram, 2012).
The obtained data or image of the disk is stored in an external hard drive for using as
evidence during the investigation (Sindhu & Meshram, 2012).
Task 3
The purpose of the research is to provide solution regarding the hiding procedure of
secret messages to a graphic file such as an video or image file for an investigation where a
number of graphic files have been sent from an unknown source to a suspect of the crime
through email. Many methods are there that help in embedding sensitive data in graphic files.
The prime purpose of such a method is to send secret information to a target recipient without
involving the risk of compromising the data at the hands of an intermediate receiver who
might intercept the data while it is being electronically transferred (Green et al., 2015).
Using the method of Steganography using a tool in Kali Linux known as steghide is
considered as a solution to embed such kind of secret data into a graphic file like an image or
video file (Hamid et al., 2012).
Steghide – A software can be used to hide messages inside graphical files such as digital
images and videos. This software can be used only if it is installed in a computer that has Kali
Linux as its operating system (Chanu, Singh & Tuithung, 2012).
The process involves installing the software in Kali Linux as the initial step. A text
file is created that contains the hidden message required to be sent to the target individual. A
text editor can be used for this phase of the process. It is mandatory to save the file before
proceeding with the next phases of the process. The image file that will be used to disguise

3DIGITAL FORENSICS
the secret message is also saved along with the text file (Das, 2014). The next step involves
the embedding of the hidden message with the graphic file using steghide. The embedding
requires entering some command parameters in the terminal window along with a password
or a passphrase. The process of embedding is thus complete (Das, 2014).
The tool can also be used to compare the original file to the stenographic file, which
shows that the stenographic file is considerably larger than the original file. The hash values
of the original file differ from the modified stenographic file as well. The embedded message
can be retrieved by using the extract –sf command in the terminal window (Das, 2014).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4DIGITAL FORENSICS
References
Chanu, Y. J., Singh, K. M., & Tuithung, T. (2012). Image steganography and steganalysis: A
survey. International Journal of Computer Applications, 52(2).
Das, R. (2014). An Investigation on Information Hiding Tools for Steganography.
International Journal of Information Security Science, 3(3), 200-208.
Green, J., Levstein, I., Boggs, C. R. J., & Fenger, T. (2015). Steganography Analysis:
Efficacy and Response-Time of Current Steganalysis Software. J Comput Sci, 9, 236-
44.
Hamid, N., Yahya, A., Ahmad, R. B., & Al-Qershi, O. M. (2012). Image steganography
techniques: an overview. International Journal of Computer Science and Security
(IJCSS), 6(3), 168-187.
Nelson, B., Phillips, A., & Steuart, C. (2014). Guide to computer forensics and investigations.
Cengage Learning.
Quick, D., & Choo, K. K. R. (2016). Big forensic data reduction: digital forensic images and
electronic evidence. Cluster Computing, 19(2), 723-740.
Rafique, M., & Khan, M. N. A. (2013). Exploring static and live digital forensics: Methods,
practices and tools. International Journal of Scientific & Engineering Research, 4(10),
1048-1056.
Sindhu, K. K., & Meshram, B. B. (2012). Digital forensics and cyber crime datamining.
Journal of Information Security, 3(3), 196.