Anti-Forensic Techniques and Its Impact on Digital Forensic

International Research Journal of Engineering and Technology (IRJET)

e-ISSN: 2395-0056

Volume: 10 Issue: 04 | Apr 2023

p-ISSN: 2395-0072

www.irjet.net

Anti-Forensic Techniques and Its Impact on Digital Forensic Satvik Gurjar1, Dhaval Naik2, Aarti Sardhara3 1LY B. Tech Computer Engineering, Science & Technology, Vishwakarma University, Pune, India - 411048 2LY B. Tech Computer Engineering, Science & Technology, Vishwakarma University, Pune, India - 411048 3Assistant Professor, Dept. of Computer Engineering, Vishwakarma University, Pune, India – 411048

---------------------------------------------------------------------***---------------------------------------------------------------------

Abstract - This research paper focuses on anti-forensic

copyright infringement. But if attackers and criminals use these techniques against digital forensics, they could prevent investigators from accessing essential data. The effectiveness of anti-forensic techniques is still largely unknown due to minimal practical research in this field.

techniques, which are used to evade or defeat digital forensics investigations. With the proliferation of digital devices, forensic investigations have become an essential tool for law enforcement agencies and security professionals. However, criminals and attackers are also using advanced techniques to hide their activities and make it difficult for investigators to trace their actions. Antiforensics is a set of techniques used to cover up digital traces, confuse forensic investigators, and thwart the discovery of digital evidence. This paper provides an overview of the most common anti-forensic techniques used by attackers and cybercriminals, such as file wiping, data hiding, steganography, encryption, and obfuscation. We discuss the technical aspects of these techniques, their effectiveness, and the countermeasures that can be taken to detect and mitigate them. The research findings highlight the need for the development of new forensic tools and techniques that can effectively counter anti-forensic methods, which are becoming increasingly sophisticated and challenging to detect. The paper concludes by identifying the areas of future research in anti-forensics and their implications for digital investigations and cybercrime.

Therefore, the primary objective of this research paper is to identify prevalent digital anti-forensic methods and assess them using forensic software. The goal is to determine whether computer anti-forensic activities can impede the investigation process and hinder the discovery of real evidence that could be presented as admissible in a legal proceeding.

2.MOTIVATION AND OBJECTIVE

Key Words: Anti-forensic, Encryption, Steganography, obfuscation, Cybercrimes.

The motivation for this research stems from the growing need to counter the use of anti-forensic techniques by attackers and cybercriminals, which makes it increasingly challenging for digital investigators to collect evidence and solve crimes. As these techniques evolve, it is crucial to develop countermeasures and improve investigation methodologies to detect and mitigate anti-forensic methods. The paper also aims to raise awareness of the need for innovative research and development in this field to develop new forensic tools and techniques.

1.INTRODUCTION

2. RELATED WORK

In today's world, digital evidence holds significant importance in investigative procedures and is processed through electronic means. The Locard principle states that a transfer occurs between the perpetrator and the crime scene, and this principle applies to digital evidence, which is stored on hard disks and memory as logs and other components that depict activities. The use of digital evidence in cyberspace is crucial for identifying the perpetrator, the precise timing of events, and their occurrence. Digital forensic investigators gather all relevant pieces of evidence into a cohesive report that outlines the nature and progression of a specific action.

The aforementioned research paper utilized several mechanisms to obtain the most appropriate sources for review. Initially, authoritative sources from government agencies, including the judiciary and technology standardcreating organizations, were selected. The objectivity and clarity of the sources were assessed to ascertain the credibility of the reviewed papers. Additionally, the reputation of the authors and the journal publication area were considered. As previously stated, digital forensics is an emerging field that is rapidly expanding due to an increase in computerrelated crimes and their complexity. Law enforcement agencies are primarily focused on resolving cases related to the misuse of digital technology. In most search-andseizure situations, mobile phones are usually seized, as every crime has some form of association with computer forensics. Various studies and scholars contend that cybercriminals utilize anti-forensic techniques to obscure

However, various methods of anti-forensic activities exist, which can impede the investigative process at any given stage. Although some of these techniques have legitimate purposes, most are used to obstruct digital forensics. For example, encryption is used to protect organizational assets, while digital watermarking is applied to prevent

© 2023, IRJET

|

Impact Factor value: 8.226

|

ISO 9001:2008 Certified Journal

|

Page 1669