International Journal of Internet, Broadcasting and Communication

The Institute of Internet, Broadcasting and Communication (한국인터넷방송통신학회)
권호 표지
DOI QR코드

DOI QR Code

File Signature's Automatic Calculation Algorithm Proposal for Digital Forensic

  • Received : 2021.07.02
  • Accepted : 2021.07.08
  • Published : 2021.08.31
Download PDF
⟨ Previous Next ⟩

Abstract

Recently, digital crime is becoming more intelligent, and efficient digital forensic techniques are required to collect evidence for this. In the case of important files related to crime, a specific person may intentionally delete the file. In such a situation, data recovery is a very important procedure that can prove criminal charges. Although there are various methods to recover deleted files, we focuses on the recovery technique using HxD editor. When recovering a deleted file using the HxD editor, check the file structure and access the file data area through calculation. However, there is a possibility that errors such as arithmetic errors may occur when a file approach through calculation is used. Therefore, in this paper, we propose an algorithm that automatically calculates the header and footer of a file after checking the file signature in the root directory for efficient file recovery. If the algorithm proposed in this paper is used, it is expected that the error rate of arithmetic errors in the file recovery process can be reduced.

Keywords

References

  1. Gyusang Cho, "A Maximum Data Allocation Rule for an Anti-forensic Data Hiding Method in NTFS Index Record", The International Journal of Internet, Broadcasting and Communication(IJIBC), Vol. 9, No. 3, pp. 17-26, May 2017. DOI: https://doi.org/10.7236/IJIBC.2017.9.3.17
  2. Jiyoon Ham, Joshua I. James, "A Feature Comparison of Modern Digital Forensic Imaging Software", The Journal of The Institute of Internet, Broadcasting and Communication (IIBC), Vol. 19, No. 6, pp. 15-20, Dec 2019 DOI: https://doi.org/10.7236/JIIBC.2019.19.6.15
  3. Eunjin Jang, Seungjung Shin, "Proposal of New Data Processing Function to Improve the Security of Self-driving Cars System", The Journal of The Institute of Internet, Broadcasting and Communication(JIIBC), Vol.20, No.4, pp.81-86, Aug 2020 DOI: http://doi.org/10.7236/JIIBC.2020.20.4.81
  4. Dohyun Kim, Junki Kim, Sangjin Lee, "An Analysis of Google Cloud Data from a Digital Forensic Perspective", The Journal of The Korea Institute of Information and Communication Engineering(JKIICE), Vol.24, No.12, pp.1662-1669, Dec 2020 DOI: http://doi.org/10.6109/JKIICE.2020.24.12.1662
  5. Yeonjoo Lee, Jeongmin Kim, Sungjin Lee, "A Study of Polaris Office Forensic Artifact", The Journal of Digital Forensics(KDFS), Vol.14, No.4, pp.368-378, Dec 2020 DOI: http://doi.org/10.22798/KDFS.2020.14.4.368
  6. Soojin Kang, Sumin Shin, Giyoon Kim, Jongsung Kim, "Forensic Analysis of Locking Pictures, Hiding Photos/Video and Safe Gallery/Camera Applications", The Journal of Digital Forensics(KDFS), Vol.14, No.2, pp.125-138, Jun 2020 DOI: http://doi.org/10.22798/KDFS.2020.14.2.125
  7. Seyool Park, Sangjin Lee, "Forensic Investigation of HWP File", The Journal of Digital Forensics(KDFS), Vol.14, No.4, pp.408-425, Dec 2020 DOI: http://doi.org/10.22798/KDFS.2020.14.4.408
  8. Woohwan Nam, "Android Emulators Forensic Analysis Technique", The Journal of Digital Forensics(KDFS), Vol.13, No.4, pp.303-315, Dec 2019 DOI: http://doi.org/10.22798/KDFS.2019.13.4.303
  9. Seunghee Seo, Yeog Kim, Changhoon Lee, "Countering Portable Executable File Header Removing based Anti-Memory Forensic Techniques", The Journal of Digital Forensics(KDFS), Vol.15, No.2, pp.50-59, Jun 2021 DOI: http://doi.org/10.22798/KDFS.2021.15.2.50
  10. Sanghuk Yoon, Sangjin Lee, "A Study on Digital Evidence Automatic Screening System", The Journal of Digital Forensics(KDFS), Vol.14, No.3, pp.239-251, Sep 2020 DOI: http://doi.org/10.22798/KDFS.2020.14.3.239