Anti-forensics and the digital investigator

Proceedings of the 5th Australian Digital Forensics Conference

Volumn , Issue , 2007, Pages 1-7

  Kessler, Gary C ^a,b  

^a CHAMPLAIN COLLEGE   (United States)

^b EDITH COWAN UNIVERSITY   (Australia)

Author keywords

Anti forensics; Artefact wiping; Attacks on computer forensics tools; Data hiding; Privacy; Trail obfuscation

Indexed keywords

ANTI-FORENSICS; ARTEFACT WIPING; COMPUTER FORENSICS TOOLS; DATA HIDING; TRAIL OBFUSCATION;

DATA PRIVACY; ELECTRONIC CRIME COUNTERMEASURES; STEGANOGRAPHY;

COMPUTER CRIME;

EID: 84867717801     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (23)

1. Ahsan, K. (2002). Covert Channel Analysis and Data Hiding in TCP/IP. Thesis presented to the Edwards S. Rogers Sr. Graduate Department of Electrical and Computer Engineering, University of Toronto, Toronto, Ontario. Retrieved September 11, 2007, from http://gray-world.net/papers/ahsan02.pdf.
2. Akin, T. (2003). WebMail Forensics. BlackHat Briefings. Retrieved September 11, 2007, from http://www.blackhat.com/presentations/bh-usa-03/bh-us- 03-akin.pdf.
3. Budimir, N., & Slay, J. (2007). Identifying Non-Volatile Data Storage Areas: Unique Notebook Identification Information as Digital Evidence. Journal of Digital Forensics, Security and Law, 2(1), 75-91.
4. Caloyannides, M.A. (2001). Computer Forensics and Privacy. Boston: Artech House.
5. Casey, E. (2004). Digital Evidence and Computer Crime: Forensic Science, Computers and the Internet (2nd ed.). London: Elsevier Academic Press.
6. Electronic Frontier Foundation (EFF). (2007, September 18). Tor Web page. Retrieved September 18, 2007, from http://tor.eff.org/index.html.en.
7. Forte, D. (2002, August). Analyzing the Difficulties in Backtracking the Onion Router's Traffic. Proceedings of the 2002 Digital Forensics Research Workshop. Retrieved September 11, 2007, from https://www.dfrws.org/2002/papers/ Papers/Dario-Forte.pdf.
8. Geiger, M., & Cranor, L.F. (2006, September/October). Scrubbing Stubborn Data: An Evaluation of Counter- Forensic Privacy Tools. IEEE Security & Privacy, 4(5), 16-25.
9. Guidance Software. (2007, July 26). Guidance Software Response to iSEC Report. Retrieved September 11, 2007, from http://www.securityfocus.com/archive/ 1/474727.
10. Harris, R. (2006). Arriving at an Anti-Forensics Consensus: Examining How to Define and Control the Anti- Forensics Problem. Proceedings of the 2006 Digital Forensics Research Workshop. Digital Investigation, 3(S), S44-S49. Retrieved September 11, 2007, from http://dfrws.org/2006/proceedings/6-Harris. pdf.
11. Kessler, G.C. (2004, July). An Overview of Steganography for the Computer Forensics Examiner. Forensics Science Communication, 6(3). Retrieved September 11, 2007, from http://www.fbi.gov/hq/lab/fsc/backissu/july2004/research/2004-03- research01.htm.
12. Levine, D.E., & Kessler, G.C. (2002). Denial of Service Attacks. In M. Kabay & S. Bosworth (Eds.), Computer Security Handbook, 4th ed. New York: John Wiley & Sons.
13. Liu, V., & Brown, F. (2006, April 3). Bleeding-Edge Anti-Forensics. Presentation at InfoSec World 2006. Retrieved September 11, 2007, from stachliu.com/files/InfoSecWorld-2006-K2-Bleeding-Edge- AntiForensics.ppt.
14. Metasploit LLC. (2007a). Metasploit Anti-forensics home page. Retrieved September 11, 2007, from http://www.metasploit.com/projects/antiforensics/).
15. Metasploit LLC. (2007b). Metasploit Project home page. Retrieved September 11, 2007, from http://www.metasploit.com/.
16. Palmer, C., Newsham, T., Stamos, A., & Ridder, C. (2007, August 1). Breaking Forensics Software: Weaknesses in Critical Evidence Collection. Abstract of presentation at Black Hat USA 2007. Retrieved September 11, 2007, from http://www.blackhat.com/html/bh-usa-07/bh-usa-07-speakers.html#Palmer.
17. Palmer, G. (2001, November 6). A Road Map for Digital Forensics Research. Digital Forensic Research Workshop (DFRWS) Technical Report (DTR) T001-01 Final. Retrieved September 11, 2007, from http://www.dfrws.org/2001/dfrws-rm- final.pdf.
18. Rogers, M. (2006, March 22). Panel session at CERIAS 2006 Information Security Symposium. Retrieved September 11, 2007, from http://www.cerias.purdue. edu/symposium/2006/materials/pdfs/antiforensics.pdf.
19. Rowland, C.H. (1997, May 5). Covert Channels in the TCP/IP Protocol Suite. First Monday, 2(5). Retrieved September 11, 2007, from http://www.firstmonday.org/issues/issue2-5/rowland/.
20. Schwartau, W. (1999). Time Based Security. Seminole, FL: Interpact Press.
21. StegoArchive.com. (2005). Stego Archive Website. Retrieved September 11, 2007, from http://www.stegoarchive.com.
22. Supreme Court of the United States. (1993). Daubert v. Merrell Dow Pharmaceuticals (92-102), 509 U.S. 579. Retrieved September 11, 2007, from http://supct.law.cornell.edu/supct/html/92-102.ZS.html.
23. Van Buskirk, E., & Liu, V.T. (2006, March). Digital Evidence: Challenging the Presumption of Reliability. Journal of Digital Forensic Practice, 1(1), 19-26.