Windows 7 Antiforensics: A Review and a Novel Approach

Eterovic-Soric, Brett; Choo, Kim‐Kwang Raymond; Mubarak, Sameera; Ashman, Helen

doi:10.1111/1556-4029.13393

Cited by 6 publications

(3 citation statements)

References 43 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Eterovic-Soric et al [172] point out the paucity of research on techniques that hinder digital forensic analysis of electronic devices, focusing specifically on Windows 7 computers. They propose a method that removes or hides much of the digital evidence that forensic analysts typically use in their investigations.…”

Section: Weaknesses and Anti-forensic Use Cases In Operating Systemsmentioning

confidence: 99%

“…Article [171] focuses on anti-forensics techniques for swap files, proposing two methods: fake data injection and creation of fake swap files. Article [172] discusses the lack of recent research on anti-forensics and proposes a general approach to hiding evidence on Windows 7 systems using Trojan software.…”

Section: Weaknesses and Anti-forensic Use Cases In Operating Systemsmentioning

confidence: 99%

“…As novel contributions, article [171] proposes two specific anti-forensics techniques for swap files, an area that has been little studied; on the other hand, article [172] highlights the need for updated research on anti-forensic techniques for operating systems.…”

Section: Weaknesses and Anti-forensic Use Cases In Operating Systemsmentioning

confidence: 99%

See 2 more Smart Citations

Systematic Review: Anti-Forensic Computer Techniques

González Arias,

Bermejo Higuera,

Rainer Granados

et al. 2024

Applied Sciences

View full text Add to dashboard Cite

The main purpose of anti-forensic computer techniques, in the broadest sense, is to hinder the investigation of a computer attack by eliminating traces and preventing the collection of data contained in a computer system. Nowadays, cyber-attacks are becoming more and more frequent and sophisticated, so it is necessary to understand the techniques used by hackers to be able to carry out a correct forensic analysis leading to the identification of the perpetrators. Despite its importance, this is a poorly represented area in the scientific literature. The disparity of the existing works, together with the small number of articles, makes it challenging to find one’s way around the vast world of computer forensics. This article presents a comprehensive review of the existing scientific literature on anti-forensic techniques, mainly DFIR (digital forensics incident response), organizing the studies according to their subject matter and orientation. It also presents key ideas that contribute to the understanding of this field of forensic science and details the shortcomings identified after reviewing the state of the art.

show abstract

Section: Weaknesses and Anti-forensic Use Cases In Operating Systemsmentioning

confidence: 99%

Section: Weaknesses and Anti-forensic Use Cases In Operating Systemsmentioning

confidence: 99%