Aiza Jamil

#16 The Forensic Revelation: Cyber Detectives I

Updated: Oct 7



Hello and welcome distinguished folks! Welcome back to another episode of STEM on the Streets! If you are new here, my name is Aiza and this is my partner CAI, Crime Ai.


 

Reverse Steganography


Steganography is used by cybercriminals to hide data within digital files, data streams or messages. 


 (✿◡‿◡) CAI: Steganography (in digital forensics) means covering or hiding information or messages in data or digital files. And according to Merriam-Webster, steganography means “the art or practice of concealing a message, image, or file within another message, image, or file”.


Reverse steganography is when forensic scientists analyse the data hashing of a specific file. Upon inspection of a digital file or image, the hidden information may not look like much. But that is where you are wrong: hidden information does change the string of data representing the image or file.


 

Stochastic Forensics


Do you want to do this one?


(✿◡‿◡) CAI: Sure. According to Merriam-Webster, stochastic means "involving a random variable" or "involving chance or probability". Stochastic forensics helps analyse and reconstruct digital activity that doesn’t generate digital artefacts. According to TheBlueVoyant, "A digital artefact is an unintended alteration of data that occurs due to digital processes". Text files are considered digital artefacts that can contain clues related to a digital crime. Stochastic forensics helps investigate data breaches from insider threats that may not leave behind digital artefacts. In this method, forensic scientists analyze emergent properties that result from the stochastic nature of modern computers.


 

Cross-drive Analysis


Also known as anomaly detection, cross-drive analysis finds and provides similarities for the investigation. With these similarities, a baseline is created and used to detect dubious or suspicious acts. Usually, it involves correlating and cross-referencing data or information across multiple drives to find, analyze, and preserve information related to a digital investigation.


 

Live Analysis


Live analysis is performed while the operating system of a device is still running. It involves using system tools to find, analyze, and extract volatile data, which is stored in the RAM and cache. This usually requires having the computer that is being inspected in police custody or a lab so that the chain-of-evidence protocols are maintained correctly.


 

Data Carving


(✿◡‿◡) CAI: To recover deleted files or data, a technique known as data carving, file carving, or deleted file recovery is used. In this technique, a computer system and its memory must be investigated or searched to find fragments of files which were not fully deleted from a location and left traces in other places on the device or machine. It relies upon the internal structure of a file, which is used to identify blocks that should be part of the same file. Some files possess a rich structure, which makes them easier to piece together, and some have little structure, making them difficult or impossible to piece together.
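To make the "internal structure" idea concrete, here is an added example (not part of the original episode) of a small carver for one richly structured format, PNG. It finds the file signature in a raw image and then walks the chunk layout, checking each chunk's CRC-32 to decide whether the following blocks belong to the same file. The sample PNG, the damaged copy, and the "disk image" are constructed for illustration, and the names `carve_png` and `make_chunk` are hypothetical.

```python
import struct
import zlib

PNG_SIG = b"\x89PNG\r\n\x1a\n"

def make_chunk(ctype: bytes, data: bytes) -> bytes:
    """Build one PNG chunk: length, type, data, CRC-32 over type + data."""
    crc = zlib.crc32(ctype + data)
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)

def carve_png(image: bytes) -> list:
    """Return (offset, file_bytes) for each structurally valid PNG in a raw image."""
    found, pos = [], 0
    while (start := image.find(PNG_SIG, pos)) != -1:
        cur, pos = start + len(PNG_SIG), start + 1
        while cur + 12 <= len(image):
            (length,) = struct.unpack(">I", image[cur:cur + 4])
            ctype = image[cur + 4:cur + 8]
            end = cur + 12 + length
            if end > len(image):
                break  # chunk runs past the end of the image: truncated fragment
            body = image[cur + 8:end - 4]
            (stored_crc,) = struct.unpack(">I", image[end - 4:end])
            if zlib.crc32(ctype + body) != stored_crc:
                break  # blocks do not belong together (overwritten or fragmented)
            cur = end
            if ctype == b"IEND":
                found.append((start, image[start:cur]))
                pos = cur  # resume the search after the recovered file
                break
    return found

# Constructed sample data: a minimal 1x1 grayscale PNG
SAMPLE_PNG = (PNG_SIG
    + make_chunk(b"IHDR", struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0))
    + make_chunk(b"IDAT", zlib.compress(b"\x00\x00"))
    + make_chunk(b"IEND", b""))
DAMAGED = bytearray(SAMPLE_PNG)
DAMAGED[20] ^= 0xFF  # simulate a partly overwritten copy
# Constructed "disk image": filler, an intact deleted file, filler, a damaged copy
DISK_IMAGE = b"\x00" * 512 + SAMPLE_PNG + b"\x00" * 100 + bytes(DAMAGED) + b"\x00" * 64

if __name__ == "__main__":
    for offset, data in carve_png(DISK_IMAGE):
        print(f"carved {len(data)}-byte PNG at offset {offset}")
```

The intact copy is recovered whole, while the damaged copy is rejected at its first chunk because the stored checksum no longer matches the data.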



 

That is all for today, lovely people! Stay tuned for the next episode!


This is Aiza Jamil signing out!


I am a forensics sleuth, what's your mystery to solve?


 