Anti-forensics: Furthering digital forensic science through a new extended, granular taxonomy

Details

Serval ID
serval:BIB_44045D29B478
Type
Article: article from a journal or magazine.
Collection
Publications
Title
Anti-forensics: Furthering digital forensic science through a new extended, granular taxonomy
Journal
Digital Investigation
Authors
Conlan Kevin, Baggili Ibrahim, Breitinger Frank
ISSN
1742-2876
Editorial status
Published
Publication date
08/2016
Volume
18
Pages
S66-S75
Language
English
Abstract
Anti-forensic tools, techniques and methods are becoming a formidable obstacle for the digital forensic community. Thus, new research initiatives and strategies must be formulated to address this growing problem. In this work we first collect and categorize 308 anti-digital forensic tools to survey the field. We then devise an extended anti-forensic taxonomy to the one proposed by Rogers (2006) in order to create a more comprehensive taxonomy and facilitate linguistic standardization. Our work also takes into consideration anti-forensic activity which utilizes tools that were not originally designed for anti-forensic purposes, but can still be used with malicious intent. This category was labeled as Possible indications of anti-forensic activity, as certain software, scenarios, and digital artifacts could indicate anti-forensic activity on a system. We also publicly share our data sets, which include categorical data on 308 collected anti-forensic tools, as well as 2780 unique hash values related to the installation files of 191 publicly available anti-forensic tools. As part of our analysis, the collected hash set was run against the National Institute of Standards and Technology’s 2016 National Software Reference Library, and only 423 matches were found out of the 2780 hashes. Our findings indicate a need for future endeavors in creating and maintaining exhaustive anti-forensic hash data sets.
Keywords
Law, Medical Laboratory Technology, Computer Science Applications
Web of Science
Open Access
Yes
Record created
06/05/2021 11:01
Record last modified
06/05/2021 11:36