‘Anti Forensics: Making Computer Forensics Hard’


The linked paper explains how Anti Forensics are currently being conducted by hackers, what methods they have of hiding information and what the future holds in this field.’


‘The information has been provided by Wendel Guglielmetti Henrique.
The original article can be found at: http://ws.hackaholic.org/slides/AntiForensics-CodeBreakers2006-Translation-To-English.pdf


‘In this paper (translated from Portuguese in 2006) is presented since basic until advanced techniques used to defeat forensic analysis.

Including the following topics:
 – What is computer forensics?
 – What is Anti Forensics?
 – Anti Forensics methods:
     Self Split Files + Encryption.
     Defeat ‘last modified files’ technique.
     Data Hiding: swap, file system bad blocks, unallocated spaces, ADS.
     Process dump.
     Integrity check (MD5 Collision).
     Database Rootkits.
     BIOS Rootkits.’

Categories: Reviews