Abstract
Viewed generically, anti-forensics (AF) is that set of tactics and measures taken by someone who wants to thwart the digital investigation process. This paper describes some of the many AF tools and methods, under the broad classifications of data hiding, artefact wiping, trail obfuscation, and attacks on the forensics tools themselves. The concept of AF is neither new nor solely intended to be used by the criminal class; it also has legitimate use by those who wish to protect their privacy. This paper also introduces the concept of time-sensitive anti-forensics, noting that AF procedures might be employed for the sole purpose of delaying rather than totally preventing the discovery of digital information.
Original language | American English |
---|---|
Title of host publication | Proceedings of the 5th Australian Digital Forensics Conference |
State | Published - Dec 3 2007 |
Externally published | Yes |
Keywords
- Anti-forensics
- data hiding
- artifact wiping
- trail obfuscation
- privacy
Disciplines
- Other Computer Engineering