Site icon Eminence Papers

Analyzing Images to Identify Suspicious or Modified Files

Analyzing Images to Identify Suspicious or Modified Files

Most hackers and cybercriminals aim to cover tracks by hiding the potential evidence that would associate them with a crime (Kao, 2017). Many methods of concealing evidence include steganography, encryptions, and deleting data files. In forensics, many tools extract hidden or deleted files from hard drives and file systems.

Do you need urgent assignment help ? Reach out to us. We endeavor to assist you the best way possible.

File recovery methods

File recovery retrieves data or files from deleted sources or damaged partitions (Plum & Dewald, 2018). The forensic examiner must ensure data is not overwritten during recovery. Various file recovery methods include using forensic tools to scrub a folder like Encase, Win Undelete, and Disk Grabber. Manual file recovery where the shell commands are utilized, especially Linux distros. File recovery from damaged storage media through logical and physical healing and file carving. Files can generally be recovered from deleted, lost, formatted, and raw hard drive partitions.

E3 commander image sorting and analysis

E3 commander is a forensic lab tool used to acquire data from multiple sources of various formats, analyze them, and report by reviewing the evidence (Ojagbule, 2019). This tool analyzes images of files but not the original files. This tool has a sorting feature that acts as a data carving method. The device receives the large files or data to be analyzed and breaks them into small chunks based on the information in their headers (Ojagbule, 2019). File extensions like graphics and spreadsheets are identifiable from sorting the header information. The sorting feature aids in the search process of files by making it easy.

Data is only erased temporarily while performing the delete process. DaData deleted or residing in damaged storage can be retrieved and processed using forensics tools and methodology. Forensic examiners should be competent and ensure they find all the possible sources of evidence.

References

Ojagbule, O. (2019). Security Analysis of the Internet of Things Using Digital Forensics and Penetration Testing Tools.

Kao, D. Y. (2017, February). Exploring the cybercrime investigation framework of ATM Heist from ISO/IEC 27043: 2015. In 2017, the 19th International Conference on Advanced Communication Technology (ICACT) (pp. 177-182). IEEE.

Plum, J., & Dewald, A. (2018, August). Forensic pdf file recovery. In Proceedings of the 13th International Conference on Availability, Reliability and Security (pp. 1-10).

ORDER A PLAGIARISM-FREE PAPER HERE

We’ll write everything from scratch

Question 


Analyzing Images to Identify Suspicious or Modified Files

Write one page that discusses the elements listed below.
Briefly describe the file recovery methods used in the lab.
Explain how to sort and analyze image files using E3 Commander’s Sorting feature.

Exit mobile version