DocumentCode :
3108308
Title :
Detecting and Manipulating Compressed Alternate Data Streams in a Forensics Investigation
Author :
Martini, Adamantini I. ; Zaharis, Alexandros ; Ilioudis, Christos
Author_Institution :
Dept. of Comput. & Commun. Eng., Univ. of Thessaly, Volos
fYear :
2008
fDate :
9-9 Oct. 2008
Firstpage :
53
Lastpage :
59
Abstract :
Data hiding technique through alternate data streams in compressed form is poorly documented and less known among forensic experts. This paper deals with the documentation of compressed ADS and their attributes concerning hiding information, provides a simple technique of creating compressed ADS and using it in a malicious manner. Finally a method is presented in order to detect and manipulate ADS in a proper way, complying with the computer forensic techniques.
Keywords :
computer crime; data compression; data encapsulation; data handling; alternate data streams; computer forensic techniques; data compression; data hiding technique; forensics investigation; Computer crime; Computer networks; Data encapsulation; Data engineering; Digital forensics; Documentation; Electronic mail; File systems; Internet; Software tools; ADS; Compressed Alternate Data Streams; NTFS;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Digital Forensics and Incident Analysis, 2008. WDFIA '08. Third International Annual Workshop on
Conference_Location :
Malaga
Print_ISBN :
978-0-7695-3362-9
Type :
conf
DOI :
10.1109/WDFIA.2008.9
Filename :
4651708
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3108308
بازگشت