Friday, August 07, 2009

What is Data Hiding Analysis?

Data hiding analysis is the process of searching a system or hard disk for hidden data. Cybercriminals hide information on a system in the belief that it will not be found by search queries or by the advanced forensic data analysis tools that forensic investigators use. They hide the information, or the application that they infect, intend to damage or are trying to steal, inside the hard disk using a variety of data hiding methods: tools such as Invisible software, or the simple method of setting the hidden flag in the Windows file system or adding the hidden attribute (-h) at the DOS prompt. In other cases cybercriminals change the file format of the data so that it appears to other users to be something else. For instance, a cybercriminal who is trying to pass out a confidential business data file (an MS Excel file) might rename it as a picture file, and nobody would suspect it, since the file looks totally different from what it really is. Later the cybercriminal renames the file extension back to the Excel format and uses it.
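An investigator can catch the renamed-Excel case above by comparing each file's extension with the signature bytes at the start of its content. The following Python code is an added example, not part of the original post; the signature table is a small subset of well-known file signatures, and the sample file names and contents are constructed for the demonstration.

```python
import tempfile
from pathlib import Path

# Well-known leading "magic" bytes for a few common formats (small subset).
SIGNATURES = {
    b"\xff\xd8\xff": "jpeg",
    b"\x89PNG\r\n\x1a\n": "png",
    b"GIF87a": "gif", b"GIF89a": "gif",
    b"PK\x03\x04": "zip/ooxml",                   # .xlsx/.docx/.pptx are ZIP containers
    b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1": "ole2",  # legacy .xls/.doc/.ppt
}
EXPECTED = {  # format that each extension claims to be
    ".jpg": "jpeg", ".jpeg": "jpeg", ".png": "png", ".gif": "gif",
    ".xlsx": "zip/ooxml", ".docx": "zip/ooxml", ".pptx": "zip/ooxml",
    ".xls": "ole2", ".doc": "ole2", ".ppt": "ole2",
}

def sniff(path):
    """Return the format implied by the file's first bytes, or None if unknown."""
    with open(path, "rb") as f:
        head = f.read(16)
    return next((k for m, k in SIGNATURES.items() if head.startswith(m)), None)

def find_mismatches(root):
    """List (name, claimed, actual) for files whose extension and content disagree."""
    findings = []
    for path in sorted(Path(root).rglob("*")):
        claimed = EXPECTED.get(path.suffix.lower())
        if claimed and path.is_file():
            actual = sniff(path)
            if actual != claimed:
                findings.append((path.name, claimed, actual))
    return findings

def demo():
    samples = {  # constructed headers only, not real documents
        "budget.xlsx": b"PK\x03\x04" + b"\x00" * 32,
        "holiday.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 32,
        "logo.png": b"PK\x03\x04" + b"\x00" * 32,                        # .xlsx renamed
        "scan.jpg": b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1" + b"\x00" * 32,  # .xls renamed
    }
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            Path(d, name).write_bytes(data)
        return find_mismatches(d)

if __name__ == "__main__":
    for name, claimed, actual in demo():
        print(f"{name}: extension says {claimed}, content looks like {actual}")
```

An `actual` value of `None` means the header matched none of the listed signatures, so the file is still reported for a closer look.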
On the other hand, cybercriminals use steganography techniques to hide data from authorized users. For example, in an MS PowerPoint slide, add a picture of a “duck”, insert a confidential document and minimize it as much as possible, then change the font colour of the words to white, group it with the “duck” picture, save, and send it via e-mail. Everyone will think that the sender is transferring a picture of a duck to a friend, but in reality the cybercriminal is transferring confidential data without anyone noticing any difference.
