Title :
ADS: Protecting NTFS from hacking
Author :
Mahajan, Rashima ; Singh, Monika ; Miglani, Sumit
Author_Institution :
CSED, Thapar Univ., Patiala, India
Abstract :
Alternate Data Streams is one of the possible ways to hide data in NTFS file system in Windows. It was introduced to make Windows NTFS compatible with HFS file system of Macintosh. This paper explains what exactly alternate data streams are, their requirement and their functionality. It also explains whether alternate data streams is a feature or a vulnerability of NTFS file system. It explains how hacker can utilize this functionality of NTFS to hide malicious codes in victim´s machine so as to compromise it. All possible ways of hiding data and techniques for detecting and removing ADS are also explained. It mainly focuses on criminals who use various data hiding techniques in order to hide their data from the forensic analysts. Finally its main focus is on explaining an ADS Tool that is a graphical tool which enables user to create, start, detect and delete ADS.
Keywords :
computer crime; data encapsulation; digital forensics; storage management; ADS tool; HFS file system; Macintosh; NTFS file system; Windows NTFS; alternate data streams; data hiding techniques; forensic analyst; graphical tool; hacking; malicious codes; File systems; Streaming media; Alternate Data Streams; HFS; NTFS; creation; deletion; detection;
Conference_Titel :
Recent Advances and Innovations in Engineering (ICRAIE), 2014
Conference_Location :
Jaipur
Print_ISBN :
978-1-4799-4041-7
DOI :
10.1109/ICRAIE.2014.6909325
