• Corpus ID: 2834442

Secure Deletion and the Effectiveness of Evidence Elimination Software

  title={Secure Deletion and the Effectiveness of Evidence Elimination Software},
  author={Simon Innes},
  booktitle={Australian Computer, Network \& Information Forensics Conference},
  • Simon Innes
  • Published in
    Australian Computer, Network…
  • Computer Science
This paper will discuss and analyse the different methods of wiping media to make them forensically clean. This will include naming the tools, running them on a device and seeing what the device logically looks like after it has completed. It will then follow on to analyse the effectiveness of software that is designed to eliminate evidence (such as web browser history) from a computer. This analysis will take place on a small FAT32 partition running Windows 98. The test environment will be… 

Figures from this paper

An Investigation into the Efficacy of Three Erasure Tools under Windows 7
It was found that the Anti-Tracks program did not erase any of the information targeted by the researchers, and end users should be careful in selecting or using erasure tools as they may behave differently under different operating systems, and may not always remove beyond recovery all information.
Lessons Learned from an Investigation into the Analysis Avoidance Techniques of Malicious Software
This paper outlines a number of key lessons learned from an investigation into the techniques malicious executable software can employ to hinder digital forensic examination. Malware signature
A Study of Trace for Data Wiping Tools
This paper demonstrates the methods for detecting the usage of wiping tools in digital forensic investigation and intentionally destruction of evidence.


What is forensic computing
An overview of the field of forensic computing is provided of the process of identifying, preserving, analysing and presenting digital evidence in a manner that is legally acceptable.
Secure deletion of data from magnetic and solid-state memory
This paper covers some of the methods available to recover erased data and presents schemes to make this recovery significantly more difficult.
DoD 5220.22-M National Industrial Security Program Operating Manual Retrieved 12 October
  • DoD 5220.22-M National Industrial Security Program Operating Manual Retrieved 12 October
  • 2003
Wipe. Retrieved 25 October
  • Wipe. Retrieved 25 October
  • 2004
Answer Line: Wipe Your Drive Clean of All Its Sensitive Data Retrieved 6 October, 2004 from http://www.pcworld.com/howto/article/0,aid,110338,00.asp Symantec
  • Switches: GDisk. Retrieved 8 October
  • 2003
The Role of Computer Forensics in Stopping Executive Fraud
  • 2004