Anti-Forensics: Digital Investigations Get More Difficult
We've just posted a new article in the The Essentials Series: Messaging and Web Security - Volume III on anti-forensics. Here is an excerpt:
Anti-forensics is the practice of hiding evidence of a security breach to prevent detection of the breach and its perpetrators. It is now a major problem for computer security investigators. When a security breach occurs, a common first reaction is to contain the damage by isolating the compromised device and blocking network access. The next major step is to get the system restored to its pre-attack state and functioning normally. Then investigators can turn their attention to analyzing how the breach occurred, but will it do any good? Computer forensics, the practice of analyzing digital information to determine the way a computer crime was committed, is facing serious challenges from attackers using anti-forensic techniques. This article briefly reviews forensic techniques and describes how readily available tools are rendering these techniques far less effective than they have been in the past.
Read the full article here.
Email This!
Digg it!
Sphere it!
Del.icio.us
Reddit!
Newsvine
