Evasion with anti-forensics
Adam W. Mosher, Senior Security & Network Consultant, Bulletproof Solutions
Digital forensics investigations are difficult. With the increasingly complex capabilities of anti-forensics techniques and an endless array of clever software, uncovering evidence has become a more sophisticated task. It is therefore crucial for the forensics investigator to stay abreast of the current threat landscape with regard to anti-forensics techniques and methodology. The footprint left behind on evidence, if any, is growing smaller and smaller.
The following subsections will be explored in depth during the 30-minute presentation:
- What anti-forensics is and what it is not.
  - Encryption on all levels is explored.
- Underground market for anti-forensics.
  - The effectiveness of the anti-forensics subculture.
  - Avoiding detection.
  - Malware as anti-forensics.
- Attacking the forensic investigator.
  - The advancement of disk wiping tools.
  - Attacks against forensics tools.
- Collecting, examining and analyzing bad data.
  - What and where to look for data?
  - Data in unexpected places.