1 minute read

As a mentor with KITRI's "Best of the Best v2.0" information security education program, I was/am a mentor for a digital forensic analysis research group. This group was specifically focusing on anti-forensic action detection, which fits pretty closely with my dissertation work. The first group members produced a brief survey of anti-forensics encountered in the 'wild' by Korean Law enforcement. The main contents of the survey are in Korean because I forgot to single an English version...

From two groups working on the same project, a number of similar tools have been created. I've forked the main modules that can be found under IoAF at github. Please feel free to contribute or even fork the projects. We are continuing the project this summer, so hopefully cleaner, consolidated code will be available.

eForensics Magazine - Anti Forensics Techniques
eForensics Magazine: Anti Forensics Techniques
While the first IoAF group is working on a paper for Digital Investigation, the second group decided to write an article about A general approach to anti-forensic activity detection. This article gives a pretty good literature review about some of the work done in general anti-forensic detection, then shows the investigators how to determine traces created by anti-forensic programs. The work is somewhat similar to the work of Geiger on 'counter forensics', but - I believe - the proposed method is easier for investigators to implement or even automate.

Their article can be found in eForensics Magazine Vol. 3 No. 5.

While the developed tools are currently available on github, the next few months will see them refined. Stay tuned!