Data Carving and Data Hiding Concepts Report (Assessment)

Exclusively available on Available only on IvyPanda® Made by Human No AI

Introduction

The phenomenon of data hiding is urgent for current practices in computer forensics and involves information storage in places where this information is not expected. This specific technique of data storage is present in popular operating systems to hide some unnecessary folders and files with the help of the hidden attribute (Fadia and Zacharia, 2007, p. 233). Such an approach is aimed at protecting the information from accidental deletion. For instance, Windows has specific files and folders that are not allowed to delete and that are essential for normal functioning.

Data carving is an approach used in Computer Forensics in case data cannot be extracted by traditional methods because the necessary data is unavailable within the file system. Searching for the information for file signatures is one of the most known means of data carving.

Hiding Data in Operating System and the Registry

In operating systems, data hiding is used to protect files from illegal intrusion and accidental deletion. The parameters for this approach are set by the system attribute designed for identifying system files that should be protected. The system itself cannot be installed in the File Property, but its function can be carried out with the help of the attribute command. Particularly, this option can hide a file in such a way that it will not be displayed even if the Show Hidden Files command will be set (Fadia and Zacharia, 2007, p. 224).

Data presented in the Registry differs on configurations presented in the OS. Hence, earlier versions of Registry consist of files with.dat extension whereas Windows EX and 2003 have a wider variety of extensions among which is the.alt extension storing hives. The hive presents a set of keys to block the information and carry configurations concerning various types of data (Fadia and Zacharia, 2007, p. 224).

Carving Data Hidden in the Registry

Sometimes data hiding techniques can constitute a serious threat to existing operating systems. On the one hand, the usage of stenography and other types of encryption and information coding can be quite successful for protecting information from external intrusion. On the other hand, password-cracking tools can be used for illegal and criminal purposes to conceal information and draw it from secret databases (Kruse and Heiser, 2001, p. 83). Therefore, all tools of carving and disclosing the data hidden in the registry are necessary skills that should be acquired while studying computer forensics (Kruse and Heiser, 2001, p. 83). Furthermore, this skill will allow specialists to discover the information that has been intentionally concealed but is important for users.

Hiding Data on Virtual Machines and Drives

The introduction of virtual machines provides great potential for data hiding, particularly for hiding schemes used with disk images. Their role of a secret is not limited to secret watermarking and communication; rather, these schemes are also used as a warning against hostile intrusion (Su et al., 2010, p. 2280). In addition, hiding techniques used in virtual machines create a solid foundation for a more detailed analysis of the entire virtual machine system. It should be stressed that virtual machines are capable of performing all instructions without the support of higher levels of information hierarchy because all unneeded data is concealed in order not to distract the programmers from particular layers. Considering this issue, specific tools are created for forensic analysis aimed at determining the extent to which the data can be uncovered. One of the forms of control using the FAT16 tool aimed at defining free sectors where the hidden text string is placed.

NTFS Data Hiding

NTFS systems can offer more beneficial opportunities for data concealing because they contain unique techniques that provide effective file access to manage disk information as well as other file storage methods. For instance, metadata processing may be utilized to conceal implicit information in bad clusters (Zelkowitz, 2008, p. 9). According to data hiding techniques used involve filing slack space, data streams, and file systems reserved locations. These approaches are aimed at recovering and detecting hidden data. In some cases, data hiding techniques are used to conceal secret information within hidden files to avoid information recovery via traditional computer forensic tools. In general, the modern file system contains a map identifying the allocation of each cluster of information (Zelkowitz, 2008, p. 10). With the help of this technique, it is easy to define whether this system is modified to hide information.

Investigator Response to Data Hiding Threats

It is obvious that recognition of how information can be concealed within the media platform as well as specifics of file system structure involves awareness of methods for detecting the hidden information. Discussing different techniques of data hiding, such as stenography, encryption, and map allocation, it can be stated that many criminal cases are closely connected with miscellaneous effects this knowledge has in security terms. In this respect, criminal investigators should be aware of the specifics of computer forensics as well as tools utilized for concealing secret data to eliminate computer crimes. In addition, they should learn the most effective tools for hiding data and apply mixed approaches to detect computer frauds.

Reference List

Fadia, A., and Zacharia, M. (2007). Network Intrusion Alert: An Ethical Hacking Guide to Intrusion Detection. US: Cengage.

Kruse, W. G. and Heiser, J. G. (2001). Computer Forensics: Incident Response Essentials. US: Addison-Wesley.

Su, Y., Liao, X., Jin, H. and Bell, T. (2010). Data Hiding in Virtual Machine Disk Images. 10th IEEE International Conference on Computer and Information Technology. pp. 2278-2283.

Zelkowitz, M. (2008). Advances in Computers: Software Development. US: Academic Press.

More related papers Related Essay Examples
Cite This paper
You're welcome to use this sample in your assignment. Be sure to cite it correctly

Reference

IvyPanda. (2022, March 27). Data Carving and Data Hiding Concepts. https://ivypanda.com/essays/data-carving-and-data-hiding-concepts/

Work Cited

"Data Carving and Data Hiding Concepts." IvyPanda, 27 Mar. 2022, ivypanda.com/essays/data-carving-and-data-hiding-concepts/.

References

IvyPanda. (2022) 'Data Carving and Data Hiding Concepts'. 27 March.

References

IvyPanda. 2022. "Data Carving and Data Hiding Concepts." March 27, 2022. https://ivypanda.com/essays/data-carving-and-data-hiding-concepts/.

1. IvyPanda. "Data Carving and Data Hiding Concepts." March 27, 2022. https://ivypanda.com/essays/data-carving-and-data-hiding-concepts/.


Bibliography


IvyPanda. "Data Carving and Data Hiding Concepts." March 27, 2022. https://ivypanda.com/essays/data-carving-and-data-hiding-concepts/.

If, for any reason, you believe that this content should not be published on our website, please request its removal.
Updated:
This academic paper example has been carefully picked, checked and refined by our editorial team.
No AI was involved: only quilified experts contributed.
You are free to use it for the following purposes:
  • To find inspiration for your paper and overcome writer’s block
  • As a source of information (ensure proper referencing)
  • As a template for you assignment
1 / 1