Five Anti-Forensic Techniques Used to Cover Digital Footprints
1. Disk Wiping
The first technique is disk wiping: deleting all of the data on a hard drive or media storage device. Anti-forensic tools can be used to erase the contents of a drive, making it difficult for forensic analysts to recover the data. Drive Wiper, for example, is a Windows-based tool that offers the option to wipe a drive securely, erasing the data beyond recovery. Likewise, File Shredder is a Java-based tool that can overwrite files to prevent recovery.
2. File Encryption
The second technique is file encryption, or the process of transforming readable data into an unreadable format using various encryption algorithms. While encrypting files is an effective way to protect them from prying eyes, anti-forensic tools can also be used to encrypt files with the intent of making them difficult to access or decode.
3. Steganography
The third technique is steganography (National Institute of Standards and Technology, 2018). Steganography is the process of hiding messages or files within another file. Anti-forensic tools like Hidden Tear and Stego Watch can be used to hide information in images, audio, and video, among other file types, so that it is difficult for forensic analysts to uncover. Hidden Tear is a Windows-based tool that can hide files within .jpeg, .gif, and .bmp images. Stego Watch is a Java-based tool that can be used to embed hidden information in .jpeg, .gif, and .png image formats.
4. Compression
The fourth technique is compression, which is used to reduce the size of a file (Microsoft, 2021). Compressing files helps reduce their size, making them more difficult to view or decode. Anti-forensic tools like WinZip and PKZIP can compress files for this purpose. WinZip is a Windows-based tool that can compress files. PKZIP is a DOS and Windows-based tool that can also compress files.
5. Malware
The fifth technique is malware: a type of software designed to damage or disable computers and processes (Abdelaziz, 2018). Specific tools can be used to install malware on a computer, making it difficult for forensic analysts to recover data. Trojan horses are used to install malware on a computer, while ransomware encrypts the contents of a drive, making it inaccessible to the user.
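From the analyst's side, techniques 1, 2 and 4 leave measurable traces in a drive image: constant-fill regions after a single-pass wipe, and near-random byte distributions in encrypted or compressed data. The following triage sketch is an added example, not code from this article or from any tool it names; the 4096-byte block size, the 7.5 bits-per-byte threshold, the function names and the sample image are assumptions constructed for illustration.

```python
import hashlib
import math
from collections import Counter

BLOCK = 4096                  # assumed allocation-unit size
ZIP_MAGIC = b"PK\x03\x04"     # ZIP local file header signature

def shannon_entropy(data: bytes) -> float:
    """Entropy in bits per byte: 0.0 for a constant fill, near 8.0 for random data."""
    n = len(data)
    if n == 0:
        return 0.0
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def classify_block(block: bytes, threshold: float = 7.5) -> str:
    """Label one block; the 7.5 threshold is an assumed triage cut-off."""
    if len(set(block)) <= 1:
        return "constant-fill"    # all 0x00 or 0xFF, typical of a one-pass wipe
    if block.startswith(ZIP_MAGIC):
        return "zip-header"       # start of a ZIP archive
    if shannon_entropy(block) >= threshold:
        return "high-entropy"     # encrypted, compressed, or random-pass wipe
    return "ordinary"

def scan_image(image: bytes, block_size: int = BLOCK):
    """Return merged runs as (start_offset, end_offset, label) tuples."""
    runs = []
    for off in range(0, len(image), block_size):
        end = min(off + block_size, len(image))
        label = classify_block(image[off:end])
        if runs and runs[-1][2] == label:
            runs[-1] = (runs[-1][0], end, label)   # extend the current run
        else:
            runs.append((off, end, label))
    return runs

def sample_image() -> bytes:
    """Constructed image: two text blocks, a zero-filled gap, pseudo-random data."""
    text = (b"Quarterly report draft, internal use only. " * 200)[:2 * BLOCK]
    wiped = b"\x00" * (3 * BLOCK)
    noise = b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(256))
    return text + wiped + noise

if __name__ == "__main__":
    for start, end, label in scan_image(sample_image()):
        print(f"{start:#08x}-{end:#08x}  {label}")
```

Entropy alone cannot separate encryption from compression or from a random-pass wipe, so a high-entropy run is a lead for closer examination rather than a conclusion.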
Become a Computer Hacking Forensic Investigator with an EC-Council Certification
These are just some of the anti-forensic techniques that present challenges for digital forensic investigators today. Cyber forensics is an ever-evolving field, and new tools and methods are being developed all the time. Therefore, forensic analysts and cybersecurity experts need to stay up to date on the latest anti-forensic techniques to ensure that they can uncover evidence of wrongdoing.
To learn more about anti-forensic techniques and other key topics in digital forensics, enroll in EC-Council’s Computer Hacking Forensic Investigator (C|HFI) certification program. The course offers in-depth training in digital forensics and cybersecurity and provides hands-on practice with the latest tools and techniques to help you stay ahead of the curve. If you’re interested in becoming a digital forensic investigator or incorporating a concrete understanding of cyber forensic techniques into your work, the C|HFI is the perfect place to start. Learn how to get started today!
Abdelaziz, Y. (2018). Responsibility, trust, and marketing tools for end-user account security. [Master’s thesis, Carleton University]. Carleton University Research Virtual Environment. https://curve.carleton.ca/system/files/etd/09b74873-c995-4221-89ee-ddb2ae2209dc/etd_pdf/ad4585a62e661f78e9333387829071e0/abdelaziz-responsibilitytrustandmonitoringtoolsforenduser.pdf
McCarthy, N. (2021, March 19). Americans are losing billions of dollars due to internet crime [infographic]. Forbes. https://www.forbes.com/sites/niallmccarthy/2021/03/19/americans-are-losing-billions-of-dollars-due-to-internet-crime-infographic/
Microsoft. (2021, September 15). How to: Compress and extract files. .Net Documentation. https://docs.microsoft.com/en-us/dotnet/standard/io/how-to-compress-and-extract-files
National Institute of Standards and Technology. (2018, October 25). Steganography. Computer Security Resource Center. https://csrc.nist.gov/glossary/term/steganography