Data Carving and Data Hiding Concepts Report (Assessment)

Exclusively available on Available only on IvyPanda® Made by Human No AI

Introduction

The phenomenon of data hiding is urgent for current practices in computer forensics and involves information storage in places where this information is not expected. This specific technique of data storage is present in popular operating systems to hide some unnecessary folders and files with the help of the hidden attribute (Fadia and Zacharia, 2007, p. 233). Such an approach is aimed at protecting the information from accidental deletion. For instance, Windows has specific files and folders that are not allowed to delete and that are essential for normal functioning.

Data carving is an approach used in Computer Forensics in case data cannot be extracted by traditional methods because the necessary data is unavailable within the file system. Searching for the information for file signatures is one of the most known means of data carving.

Hiding Data in Operating System and the Registry

In operating systems, data hiding is used to protect files from illegal intrusion and accidental deletion. The parameters for this approach are set by the system attribute designed for identifying system files that should be protected. The system itself cannot be installed in the File Property, but its function can be carried out with the help of the attribute command. Particularly, this option can hide a file in such a way that it will not be displayed even if the Show Hidden Files command will be set (Fadia and Zacharia, 2007, p. 224).

Data presented in the Registry differs on configurations presented in the OS. Hence, earlier versions of Registry consist of files with.dat extension whereas Windows EX and 2003 have a wider variety of extensions among which is the.alt extension storing hives. The hive presents a set of keys to block the information and carry configurations concerning various types of data (Fadia and Zacharia, 2007, p. 224).

Carving Data Hidden in the Registry

Sometimes data hiding techniques can constitute a serious threat to existing operating systems. On the one hand, the usage of stenography and other types of encryption and information coding can be quite successful for protecting information from external intrusion. On the other hand, password-cracking tools can be used for illegal and criminal purposes to conceal information and draw it from secret databases (Kruse and Heiser, 2001, p. 83). Therefore, all tools of carving and disclosing the data hidden in the registry are necessary skills that should be acquired while studying computer forensics (Kruse and Heiser, 2001, p. 83). Furthermore, this skill will allow specialists to discover the information that has been intentionally concealed but is important for users.

Hiding Data on Virtual Machines and Drives

The introduction of virtual machines provides great potential for data hiding, particularly for hiding schemes used with disk images. Their role of a secret is not limited to secret watermarking and communication; rather, these schemes are also used as a warning against hostile intrusion (Su et al., 2010, p. 2280). In addition, hiding techniques used in virtual machines create a solid foundation for a more detailed analysis of the entire virtual machine system. It should be stressed that virtual machines are capable of performing all instructions without the support of higher levels of information hierarchy because all unneeded data is concealed in order not to distract the programmers from particular layers. Considering this issue, specific tools are created for forensic analysis aimed at determining the extent to which the data can be uncovered. One of the forms of control using the FAT16 tool aimed at defining free sectors where the hidden text string is placed.

NTFS Data Hiding

NTFS systems can offer more beneficial opportunities for data concealing because they contain unique techniques that provide effective file access to manage disk information as well as other file storage methods. For instance, metadata processing may be utilized to conceal implicit information in bad clusters (Zelkowitz, 2008, p. 9). According to data hiding techniques used involve filing slack space, data streams, and file systems reserved locations. These approaches are aimed at recovering and detecting hidden data. In some cases, data hiding techniques are used to conceal secret information within hidden files to avoid information recovery via traditional computer forensic tools. In general, the modern file system contains a map identifying the allocation of each cluster of information (Zelkowitz, 2008, p. 10). With the help of this technique, it is easy to define whether this system is modified to hide information.

Investigator Response to Data Hiding Threats

It is obvious that recognition of how information can be concealed within the media platform as well as specifics of file system structure involves awareness of methods for detecting the hidden information. Discussing different techniques of data hiding, such as stenography, encryption, and map allocation, it can be stated that many criminal cases are closely connected with miscellaneous effects this knowledge has in security terms. In this respect, criminal investigators should be aware of the specifics of computer forensics as well as tools utilized for concealing secret data to eliminate computer crimes. In addition, they should learn the most effective tools for hiding data and apply mixed approaches to detect computer frauds.

Reference List

Fadia, A., and Zacharia, M. (2007). Network Intrusion Alert: An Ethical Hacking Guide to Intrusion Detection. US: Cengage.

Kruse, W. G. and Heiser, J. G. (2001). Computer Forensics: Incident Response Essentials. US: Addison-Wesley.

Su, Y., Liao, X., Jin, H. and Bell, T. (2010). Data Hiding in Virtual Machine Disk Images. 10th IEEE International Conference on Computer and Information Technology. pp. 2278-2283.

Zelkowitz, M. (2008). Advances in Computers: Software Development. US: Academic Press.

More related papers Related Essay Examples
Cite This paper
You're welcome to use this sample in your assignment. Be sure to cite it correctly

Reference

IvyPanda. (2022, March 27). Data Carving and Data Hiding Concepts. https://ivypanda.com/essays/data-carving-and-data-hiding-concepts/

Work Cited

"Data Carving and Data Hiding Concepts." IvyPanda, 27 Mar. 2022, ivypanda.com/essays/data-carving-and-data-hiding-concepts/.

References

IvyPanda. (2022) 'Data Carving and Data Hiding Concepts'. 27 March.

References

IvyPanda. 2022. "Data Carving and Data Hiding Concepts." March 27, 2022. https://ivypanda.com/essays/data-carving-and-data-hiding-concepts/.

1. IvyPanda. "Data Carving and Data Hiding Concepts." March 27, 2022. https://ivypanda.com/essays/data-carving-and-data-hiding-concepts/.


Bibliography


IvyPanda. "Data Carving and Data Hiding Concepts." March 27, 2022. https://ivypanda.com/essays/data-carving-and-data-hiding-concepts/.

If, for any reason, you believe that this content should not be published on our website, please request its removal.
Updated:
This academic paper example has been carefully picked, checked and refined by our editorial team.
No AI was involved: only quilified experts contributed.
You are free to use it for the following purposes:
  • To find inspiration for your paper and overcome writer’s block
  • As a source of information (ensure proper referencing)
  • As a template for you assignment
Privacy Settings

IvyPanda uses cookies and similar technologies to enhance your experience, enabling functionalities such as:

  • Basic site functions
  • Ensuring secure, safe transactions
  • Secure account login
  • Remembering account, browser, and regional preferences
  • Remembering privacy and security settings
  • Analyzing site traffic and usage
  • Personalized search, content, and recommendations
  • Displaying relevant, targeted ads on and off IvyPanda

Please refer to IvyPanda's Cookies Policy and Privacy Policy for detailed information.

Required Cookies & Technologies
Always active

Certain technologies we use are essential for critical functions such as security and site integrity, account authentication, security and privacy preferences, internal site usage and maintenance data, and ensuring the site operates correctly for browsing and transactions.

Site Customization

Cookies and similar technologies are used to enhance your experience by:

  • Remembering general and regional preferences
  • Personalizing content, search, recommendations, and offers

Some functions, such as personalized recommendations, account preferences, or localization, may not work correctly without these technologies. For more details, please refer to IvyPanda's Cookies Policy.

Personalized Advertising

To enable personalized advertising (such as interest-based ads), we may share your data with our marketing and advertising partners using cookies and other technologies. These partners may have their own information collected about you. Turning off the personalized advertising setting won't stop you from seeing IvyPanda ads, but it may make the ads you see less relevant or more repetitive.

Personalized advertising may be considered a "sale" or "sharing" of the information under California and other state privacy laws, and you may have the right to opt out. Turning off personalized advertising allows you to exercise your right to opt out. Learn more in IvyPanda's Cookies Policy and Privacy Policy.

1 / 1