Digital Forensic Investigation Report: Superior Bicycles Case
VerifiedAdded on 2025/04/25
|15
|2527
|75
AI Summary
Desklib provides past papers and solved assignments for students. This report details a digital forensics investigation.
Investigation report for Superior Bicycles
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Contents
Executive Summary.....................................................................................................................................3
Introduction.................................................................................................................................................4
Analysis conducted......................................................................................................................................5
Findings.......................................................................................................................................................8
Conclusion.................................................................................................................................................10
References.................................................................................................................................................11
2
Executive Summary.....................................................................................................................................3
Introduction.................................................................................................................................................4
Analysis conducted......................................................................................................................................5
Findings.......................................................................................................................................................8
Conclusion.................................................................................................................................................10
References.................................................................................................................................................11
2
Executive Summary
The report includes the result of investigation conducted on superior bicycles as the digital
forensic investigator. The file was named as “Materials’ consisting the information regarding the
construction of new Bicycle frame. The file extension was unknown. Also a file of old format is
needed to be converted into new format in order to extract the useful information from it. The
files extracted are useful in an old case of Superior bicycles. The tools used to locate and recover
the digital file named as "Materials" are ProDiscover and WinHex. These tools have been used to
find the file the fragmented data is Collected to combine them into one single file and to convert
the older file headers into new file format header. So that the old type of format can be converted
into new one. In order to extract the hidden information, it is necessary to know the methods
used in hiding the data such as cryptography and steganography and watermarking. Therefore,
the report contains description of all these methods using which the data can be kept hidden.
After recovering the image file in order to extract important information from it, graphic image
analysis is done. The findings include the old file and a converted copy of it in new format. Some
methods like string search techniques, detecting the user ownership are also described to help in
research findings.
3
The report includes the result of investigation conducted on superior bicycles as the digital
forensic investigator. The file was named as “Materials’ consisting the information regarding the
construction of new Bicycle frame. The file extension was unknown. Also a file of old format is
needed to be converted into new format in order to extract the useful information from it. The
files extracted are useful in an old case of Superior bicycles. The tools used to locate and recover
the digital file named as "Materials" are ProDiscover and WinHex. These tools have been used to
find the file the fragmented data is Collected to combine them into one single file and to convert
the older file headers into new file format header. So that the old type of format can be converted
into new one. In order to extract the hidden information, it is necessary to know the methods
used in hiding the data such as cryptography and steganography and watermarking. Therefore,
the report contains description of all these methods using which the data can be kept hidden.
After recovering the image file in order to extract important information from it, graphic image
analysis is done. The findings include the old file and a converted copy of it in new format. Some
methods like string search techniques, detecting the user ownership are also described to help in
research findings.
3
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
4
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Introduction
The report is the investigation report of Superior Bicycles and aims to cover the steps included in
extracting and recovering the lost image file. As the digital forensic investigator appointed to this
case, the main goal is to extract the file named as “Materials” whose format is unknown and also
the format used by the computer in an old one so the file needs to be converted into new format.
To extract the important information from the file, it has to be converted into new format. To
extract and recover the data file there are various steps taken from finding the file format to
converting the image’s header in order to convert it into a new and known file format. For
analysis the methods used are graphic image analysis, ProDiscover and WinHex for recovering
the image file. the report contains all the information regarding methods used, data hiding
techniques, data extraction techniques and research findings.
5
The report is the investigation report of Superior Bicycles and aims to cover the steps included in
extracting and recovering the lost image file. As the digital forensic investigator appointed to this
case, the main goal is to extract the file named as “Materials” whose format is unknown and also
the format used by the computer in an old one so the file needs to be converted into new format.
To extract the important information from the file, it has to be converted into new format. To
extract and recover the data file there are various steps taken from finding the file format to
converting the image’s header in order to convert it into a new and known file format. For
analysis the methods used are graphic image analysis, ProDiscover and WinHex for recovering
the image file. the report contains all the information regarding methods used, data hiding
techniques, data extraction techniques and research findings.
5
Analysis conducted
1. Description of programs used on examined items
To locate and recover the digital file named as "Materials", the following methods are
used:
As locating and recovering the digital files in the hard drive using the operating system's
built-in tools, it is difficult to locate as these methods are time consuming and verification
of results are also difficult. Name of the digital files that is needed to be recovered is
materials but the format is not known. Hence the information about the header has been
identified by comparing the image header with the standard JPEG image headers and
with other type of image headers. This ensures the exact file format of the digital file.
Because the header of file is difficult to remember it can only be compared with the
standard file headers so that the header can be repaired if it is damaged (Jones Jr,
Srivastava, Mosier, Anderson, & Buenafe, 2017). After identify the correct format of the
file, if the file is not opening up in its format, then the information in supply header can
be used as the instructions to open up the file. To find the file the fragmented data is
Collected to combine them into one single file. For this ProDiscover is used (Lazaridis,
Arampatzis, & Pouros, 2016).
After examining the reconstructed file from the fragments, the hexadecimal pattern of the
header is compared with the standard hexadecimal pattern of known file formats. After
correcting the header of the file, the file is opened using an image viewer to test whether
the image has been successfully recovered or not. If the image gets displayed correctly,
then the recovery is successful otherwise again the header needs to be inspected and
corrected (Jo, Chang & Shon, 2018).
In order to view the older format file, Paper Port scanning program has been used. And
then WinHex is used to convert the older file headers into new file format header. So that
the old type of format can be converted into a new one.
2. Data hiding techniques
Cryptography and steganography
6
1. Description of programs used on examined items
To locate and recover the digital file named as "Materials", the following methods are
used:
As locating and recovering the digital files in the hard drive using the operating system's
built-in tools, it is difficult to locate as these methods are time consuming and verification
of results are also difficult. Name of the digital files that is needed to be recovered is
materials but the format is not known. Hence the information about the header has been
identified by comparing the image header with the standard JPEG image headers and
with other type of image headers. This ensures the exact file format of the digital file.
Because the header of file is difficult to remember it can only be compared with the
standard file headers so that the header can be repaired if it is damaged (Jones Jr,
Srivastava, Mosier, Anderson, & Buenafe, 2017). After identify the correct format of the
file, if the file is not opening up in its format, then the information in supply header can
be used as the instructions to open up the file. To find the file the fragmented data is
Collected to combine them into one single file. For this ProDiscover is used (Lazaridis,
Arampatzis, & Pouros, 2016).
After examining the reconstructed file from the fragments, the hexadecimal pattern of the
header is compared with the standard hexadecimal pattern of known file formats. After
correcting the header of the file, the file is opened using an image viewer to test whether
the image has been successfully recovered or not. If the image gets displayed correctly,
then the recovery is successful otherwise again the header needs to be inspected and
corrected (Jo, Chang & Shon, 2018).
In order to view the older format file, Paper Port scanning program has been used. And
then WinHex is used to convert the older file headers into new file format header. So that
the old type of format can be converted into a new one.
2. Data hiding techniques
Cryptography and steganography
6
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Among the various other techniques used for hiding the data and transmitting the data,
Cryptography and Steganography are the most popular ones. These techniques are used
to cover the existence of files. Cryptography is known as a technique using which data
can be encrypted and decrypted using mathematics. After converting the data into secret
code of bytes; it is further transmitted to maintain the security. To conceal the data’s
binary code, the last bit was used. In cryptography the characters are converted to
numbers wherever possible and then those characters are represented by different codes,
to increase security against the cyber-attacks. On the other hand, Steganography is known
as the method of hiding communication. A stenographic system makes the data to appear
in a hidden content that is difficult to be identified by the attackers. In this technique the
message that has to be converted into secret message is embedded into a digital image,
and then the digital image is transferred further. This way a safer and secret way of
hiding the useful information is achieved. In order to take these techniques to next level,
both are combined together to make a new method of hiding the data. This method also
decrease the memory space of characters used in representing the data. Method used for
hiding the encrypted message into images is LSB. This method was used before to hide
the secret data into the image. For measuring the image quality MSF and PSNR are used.
These methods are used to give greater results. The reason behind using these two
techniques together is the security level that can be achieved (Jisha & Monoth,2019).
Watermarking
Watermarking is used to add the details of owner or a time stamp for security purposes
and to prevent copyright issues. It is further divided into two parts:
1. Fragile watermark- it gets modified whenever the host image is changed with the help
of transformations. This watermark method is used to provide authentication and
verification of images.
2. Robust watermark- this watermarking technique is used to provide ownership
protection because even with compression, filtering, transformation, rotation and
translation, the watermark cannot be modified (Shi, Kim, Perez-Gonzalez, & Liu,
2017).
7
Cryptography and Steganography are the most popular ones. These techniques are used
to cover the existence of files. Cryptography is known as a technique using which data
can be encrypted and decrypted using mathematics. After converting the data into secret
code of bytes; it is further transmitted to maintain the security. To conceal the data’s
binary code, the last bit was used. In cryptography the characters are converted to
numbers wherever possible and then those characters are represented by different codes,
to increase security against the cyber-attacks. On the other hand, Steganography is known
as the method of hiding communication. A stenographic system makes the data to appear
in a hidden content that is difficult to be identified by the attackers. In this technique the
message that has to be converted into secret message is embedded into a digital image,
and then the digital image is transferred further. This way a safer and secret way of
hiding the useful information is achieved. In order to take these techniques to next level,
both are combined together to make a new method of hiding the data. This method also
decrease the memory space of characters used in representing the data. Method used for
hiding the encrypted message into images is LSB. This method was used before to hide
the secret data into the image. For measuring the image quality MSF and PSNR are used.
These methods are used to give greater results. The reason behind using these two
techniques together is the security level that can be achieved (Jisha & Monoth,2019).
Watermarking
Watermarking is used to add the details of owner or a time stamp for security purposes
and to prevent copyright issues. It is further divided into two parts:
1. Fragile watermark- it gets modified whenever the host image is changed with the help
of transformations. This watermark method is used to provide authentication and
verification of images.
2. Robust watermark- this watermarking technique is used to provide ownership
protection because even with compression, filtering, transformation, rotation and
translation, the watermark cannot be modified (Shi, Kim, Perez-Gonzalez, & Liu,
2017).
7
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Steganalysis
It is the method of analysing the steganography. There are two types of steganalysis
visual and statistical analysis. In visual analysis the image is inspected through naked
eyes in order to or with the help of computer in order to find whether a hidden
information is present or not. Further the image can be separated using converted into bits
to analyse it further. on the other hand, statistical image analysis in much accurate and
powerful because it can identify smallest change in image’s statistical pattern. Finding
the average bytes, deviation of bits, variation of bits and differential values can be used to
test the image statistically (Sedighi & Fridrich, 2016).
3. Graphic image analysis
Graphic image analysis is a method using which an image can be converted into a digital
form and various operations can be performed on it. For it the input should be image and
output can vary, it may be an image or characteristics of that image. The following steps
are needed to analyse the image graphically:
1. Importing the image needed for analysis.
2. Converting image using data compression and finding patterns which are difficult for a
human eye to find.
3. output file is generated in the last stage.
Graphic image analysis is done to observe the images that are not clearly visible, to create
better images in quality, to retrieve a particular image, to find hidden patterns in an image
or to distinguish the patterns present in an image from each other. Analog and digital
image processing are the two types of graphic image analysis techniques. In analog image
processing image is present in hard copy format, whereas digital image processing use
digital images present in the computer (Lillis, Becker, O'Sullivan & Scanlon, 2016).
There are three stages to analyse an image: image preprocessing, enhancement and
extracting important information. Hence the file found after recovery has been analysed
using digital image processing, where it was extracted and pre-processed first and then
enhanced to get a clear image so that it can help in getting the bicycle design.
8
It is the method of analysing the steganography. There are two types of steganalysis
visual and statistical analysis. In visual analysis the image is inspected through naked
eyes in order to or with the help of computer in order to find whether a hidden
information is present or not. Further the image can be separated using converted into bits
to analyse it further. on the other hand, statistical image analysis in much accurate and
powerful because it can identify smallest change in image’s statistical pattern. Finding
the average bytes, deviation of bits, variation of bits and differential values can be used to
test the image statistically (Sedighi & Fridrich, 2016).
3. Graphic image analysis
Graphic image analysis is a method using which an image can be converted into a digital
form and various operations can be performed on it. For it the input should be image and
output can vary, it may be an image or characteristics of that image. The following steps
are needed to analyse the image graphically:
1. Importing the image needed for analysis.
2. Converting image using data compression and finding patterns which are difficult for a
human eye to find.
3. output file is generated in the last stage.
Graphic image analysis is done to observe the images that are not clearly visible, to create
better images in quality, to retrieve a particular image, to find hidden patterns in an image
or to distinguish the patterns present in an image from each other. Analog and digital
image processing are the two types of graphic image analysis techniques. In analog image
processing image is present in hard copy format, whereas digital image processing use
digital images present in the computer (Lillis, Becker, O'Sullivan & Scanlon, 2016).
There are three stages to analyse an image: image preprocessing, enhancement and
extracting important information. Hence the file found after recovery has been analysed
using digital image processing, where it was extracted and pre-processed first and then
enhanced to get a clear image so that it can help in getting the bicycle design.
8
9
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Findings
Research conducted as the digital forensic investigator resulted in the following research
findings:
Recovered image
Converted image into a new format
Tools and techniques to conduct the image recovery
1. String Search or Text Search
In digital forensics tools like text or string search are used to search for evidences in order
to find the text strings. These tools use indexing algorithms. Most of the cases results in a
positive finding. Using these algorithms searching becomes more easy and accurate. In
digital investigation text is known very important while investigating. The data retrieved
is extremely noisy and unimportant data is also retrieved which leads in information
overloading. The time taken to investigate the data increases and irrelevant data gets
investigated. In order to prevent it the number of irrelevant searches can be decreased or
the search keyword should be specific and relevant. The current methods used by digital
forensics uses indexing methods hence the time taken in finding the text increases (Hicks,
Beebe & Haliscak, 2016).
2. Digital forensics for Internet related evidences
Digital Forensics is used to find the hidden information present in computers, in storage
devices, communication devices which can be useful while representing a case in court.
Hence in order to capture and extract the information so that to discover evidences in the
case, network forensics plays an important role. There are various cost effective and easy
techniques and tools used to extract the information whether from internet or email or
chat logs etc. the methods are discussed below:
1. To extract information from Email the most important tools are eMailTrackerPro and
SmartWhoI. Email is the most common way of communication nowadays from business-
related tasks, official meetings, normal conversation to sending data over mail. Email are
10
Research conducted as the digital forensic investigator resulted in the following research
findings:
Recovered image
Converted image into a new format
Tools and techniques to conduct the image recovery
1. String Search or Text Search
In digital forensics tools like text or string search are used to search for evidences in order
to find the text strings. These tools use indexing algorithms. Most of the cases results in a
positive finding. Using these algorithms searching becomes more easy and accurate. In
digital investigation text is known very important while investigating. The data retrieved
is extremely noisy and unimportant data is also retrieved which leads in information
overloading. The time taken to investigate the data increases and irrelevant data gets
investigated. In order to prevent it the number of irrelevant searches can be decreased or
the search keyword should be specific and relevant. The current methods used by digital
forensics uses indexing methods hence the time taken in finding the text increases (Hicks,
Beebe & Haliscak, 2016).
2. Digital forensics for Internet related evidences
Digital Forensics is used to find the hidden information present in computers, in storage
devices, communication devices which can be useful while representing a case in court.
Hence in order to capture and extract the information so that to discover evidences in the
case, network forensics plays an important role. There are various cost effective and easy
techniques and tools used to extract the information whether from internet or email or
chat logs etc. the methods are discussed below:
1. To extract information from Email the most important tools are eMailTrackerPro and
SmartWhoI. Email is the most common way of communication nowadays from business-
related tasks, official meetings, normal conversation to sending data over mail. Email are
10
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
said to be the most effective means in terms of security, authentication and data integrity.
Therefore, all these benefits also increase the number of attackers and malicious
activities. Spam emails are a threat to internet community. Hackers can hack the mail id
and use it for secret communication hence to study the content, receiver and sender’s
address, data and time of mail sent can be used as a useful evidence in a case. Therefore,
extracting the data through these tools are helpful in digital forensics (Kurniawan &
Riadi, 2018).
2. Most widely used web browsers are Google Chrome, Internet Explorer and Mozilla. The
format used for saving the browser history by these web browsers are different. Hence
the user’s information stored in each of these browsers follows a different format. For
example, internet explorer uses “index.dat” files whereas Mozilla uses history.dat file in
order to save the browser’s history. Hence in digital forensic all these types of format
should be readable. For this the browser should contain hidden plus the system files. Web
Historian, Index.dat analyser and Total Recall are the tools used to find the hidden
browser history, to find the deleted content in index.dat file and to view the favourite
website list in browser respectively (Mualfah & Riadi, 2017)
3. Identification of user ownership
Data mining is the technique used to extract the ownership data in a better way to
summarize the data and analyse it (Frecks, Curry, Lynn, & Bland, 2017). For finding the
ownership first of all larger data sets need it to be prepared otherwise the effective
decision will not be taken, different data sets can be considered while doing the analysis
(Singh & Joshi, 2016).
11
Therefore, all these benefits also increase the number of attackers and malicious
activities. Spam emails are a threat to internet community. Hackers can hack the mail id
and use it for secret communication hence to study the content, receiver and sender’s
address, data and time of mail sent can be used as a useful evidence in a case. Therefore,
extracting the data through these tools are helpful in digital forensics (Kurniawan &
Riadi, 2018).
2. Most widely used web browsers are Google Chrome, Internet Explorer and Mozilla. The
format used for saving the browser history by these web browsers are different. Hence
the user’s information stored in each of these browsers follows a different format. For
example, internet explorer uses “index.dat” files whereas Mozilla uses history.dat file in
order to save the browser’s history. Hence in digital forensic all these types of format
should be readable. For this the browser should contain hidden plus the system files. Web
Historian, Index.dat analyser and Total Recall are the tools used to find the hidden
browser history, to find the deleted content in index.dat file and to view the favourite
website list in browser respectively (Mualfah & Riadi, 2017)
3. Identification of user ownership
Data mining is the technique used to extract the ownership data in a better way to
summarize the data and analyse it (Frecks, Curry, Lynn, & Bland, 2017). For finding the
ownership first of all larger data sets need it to be prepared otherwise the effective
decision will not be taken, different data sets can be considered while doing the analysis
(Singh & Joshi, 2016).
11
Conclusion
All the information stored is in digital form nowadays, hence the criminal activities also involve
digital mediums. Therefore, digital forensics in growing in terms of tools and techniques to
extract important information to support a case in court. The information need to be extracted has
become complex and more efficient ways are needed to extract the data. Although the current
techniques of image recognition, image processing, header change etc. are very useful in locating
old and new format of file, data warehousing, data mining and data extraction are three major
tolls for extracting the data digitally. For recovering the lost file named as “materials” all the
techniques and tools are explained in the analysis and findings section of the report. As the
forensic investigator associated with this case, it can be concluded that the digital forensics have
already progressed so much in the past years and there is a room for more.
12
All the information stored is in digital form nowadays, hence the criminal activities also involve
digital mediums. Therefore, digital forensics in growing in terms of tools and techniques to
extract important information to support a case in court. The information need to be extracted has
become complex and more efficient ways are needed to extract the data. Although the current
techniques of image recognition, image processing, header change etc. are very useful in locating
old and new format of file, data warehousing, data mining and data extraction are three major
tolls for extracting the data digitally. For recovering the lost file named as “materials” all the
techniques and tools are explained in the analysis and findings section of the report. As the
forensic investigator associated with this case, it can be concluded that the digital forensics have
already progressed so much in the past years and there is a room for more.
12
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 15
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.