Secure Deletion and the Effectiveness of Evidence Elimination Software
@inproceedings{Innes2005SecureDA,
title={Secure Deletion and the Effectiveness of Evidence Elimination Software},
author={Simon Innes},
booktitle={Australian Computer, Network \& Information Forensics Conference},
year={2005}
}This paper will discuss and analyse the different methods of wiping media to make them forensically clean. This will include naming the tools, running them on a device and seeing what the device logically looks like after it has completed. It will then follow on to analyse the effectiveness of software that is designed to eliminate evidence (such as web browser history) from a computer. This analysis will take place on a small FAT32 partition running Windows 98. The test environment will be…
No Paper Link Available
3 Citations
An Investigation into the Efficacy of Three Erasure Tools under Windows 7
- Computer Science
- 2010
It was found that the Anti-Tracks program did not erase any of the information targeted by the researchers, and end users should be careful in selecting or using erasure tools as they may behave differently under different operating systems, and may not always remove beyond recovery all information.
Lessons Learned from an Investigation into the Analysis Avoidance Techniques of Malicious Software
- Computer Science
- 2010
This paper outlines a number of key lessons learned from an investigation into the techniques malicious executable software can employ to hinder digital forensic examination. Malware signature…
A Study of Trace for Data Wiping Tools
- Computer Science
- 2010
This paper demonstrates the methods for detecting the usage of wiping tools in digital forensic investigation and intentionally destruction of evidence.
References
SHOWING 1-6 OF 6 REFERENCES
What is forensic computing
- Computer Science
- 1999
An overview of the field of forensic computing is provided of the process of identifying, preserving, analysing and presenting digital evidence in a manner that is legally acceptable.
Secure deletion of data from magnetic and solid-state memory
- Computer Science
- 1996
This paper covers some of the methods available to recover erased data and presents schemes to make this recovery significantly more difficult.
DoD 5220.22-M National Industrial Security Program Operating Manual Retrieved 12 October
- DoD 5220.22-M National Industrial Security Program Operating Manual Retrieved 12 October
- 2003
Wipe. Retrieved 25 October
- Wipe. Retrieved 25 October
- 2004
Answer Line: Wipe Your Drive Clean of All Its Sensitive Data Retrieved 6 October, 2004 from http://www.pcworld.com/howto/article/0,aid,110338,00.asp Symantec
- Switches: GDisk. Retrieved 8 October
- 2003
The Role of Computer Forensics in Stopping Executive Fraud
- 2004