Project Description: Attackers have used many methods over the years to keep forensic investigators from finding evidence; one example is wearing gloves during criminal activity to avoid fingerprint tracing. Nowadays computer forensics, which deals with digital data, has become key to investigations, and so anti-forensics came into existence: a set of tools and techniques that bad guys can use to destroy digital evidence or hide it from being retrieved by investigators.
It is an accepted fact that anti-forensic techniques are widely used, with the ultimate goal for bad guys being to challenge investigators. In return, investigators are gaining considerable knowledge about the drawbacks of currently used forensic tools, which helps in developing an error-free forensic tool.
In this project, traditional anti-forensic techniques are investigated, such as hiding data using cryptographic approaches, masking, changing file attributes, and renaming a file to an unreadable extension. This is done by building an anti-forensic prototype, and the test cases are run against the currently available forensic tools FTK and ProDiscover.
Finally, the impact of the developed anti-forensic tool on the forensic tools is given, and comparative results against DiskOff, the previous version of the tool, are documented. DiskOff implements other methods, such as cloning and deleting of files.