View
10
Download
0
Category
Preview:
Citation preview
ANTI-FORENSICSA TOM & JERRY GAME
TECHWEEK 2019
WHOAMIT
EC
HW
EE
K 2
019
Cyber Security Researcher
E-Kraal Innovation Hub
Books | Yoga | Music
@PatriciaMusomba
DIGITAL FORENSICS.
The discipline that studies
techniques & methodologies
used to collect, analyze and
present admissible digital
evidence.
ANTI-FORENSICS.
Any technique, software or
tactic designed to hinder an
investigation. Used to throw
off an investigator or avoid
detection
DEFINITIONS
Why should you care?
REDUCEINVESTIGATION TIME
REDUCEINVESTIGATION COST
IMPROVE YOURINVESTIGATION SKILLS
WIN THE GAME
ANTI-FORENSICTECHNIQUES
How? Unused space in the MBR, Host Protected
Area(HPA), Slack space, Mark usable clusters as bad
How to deal: Learn the file system in use
DATA HIDING
How? Steganography, encryption is an analyst's
worst nightmare
How to deal: Bruteforce, exploit the algorithm's
vulnerabilities
CRYPTOGRAPHY
How? Change file extensions, time stamp scrambling,
dummy log files, disk wiping
DATA FORGERY & DELETION
Prevent a system from creating and generating
useful traces for the investigator eg working from
a memory buffer
ANALYSIS PREVENTION
DEMO
Recommended