Anti-Digital Forensics

Wednesday February 04, 2009 – The recent issue of Forensic Magazine included a column explaining problems created by suspect use of Anti-Digital Forensics. ADF is “an approach to manipulate, erase, or obfuscate digital data or to make its examination difficult, time consuming, or virtually impossible,” as explained by John J. Barbara, Crime Laboratory Analyst Supervisor with the Florida Department of Law Enforcement.
One issue Barbara highlighted is that many of the common tools used in computer forensics are designed for point-and-click use by techs who don’t necessarily have extensive knowledge in the field. Those tools can be fooled when a suspect uses ADF techniques prior to an examination.

“There are many tools, methods, and techniques readily available that can affect the digital information, potentially causing it to be inaccurate and unreliable,” Barbara wrote.

Fortunately, there are techniques to detect and counter manipulation. Barbara explains some of these – such as examining hash values and checking for the presence of steganography tools on suspect computers to uncover hidden files – and will continue in the next issue of Forensic.
Leave a Reply

Let’s Stay in Touch

Newsletter Signup

Call 866-435-7704

Fax: 888-678-5021  We accept all major credit cards   Sitemap