De-Wipimization: Detection of data wiping traces for investigating NTFS file system
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Oh, Dong Bin | - |
dc.contributor.author | Park, Kyung Ho | - |
dc.contributor.author | Kim, Huy Kang | - |
dc.date.accessioned | 2021-08-30T07:03:38Z | - |
dc.date.available | 2021-08-30T07:03:38Z | - |
dc.date.created | 2021-06-19 | - |
dc.date.issued | 2020-12 | - |
dc.identifier.issn | 0167-4048 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/51311 | - |
dc.description.abstract | Data wiping is used to securely delete securely unwanted files. However, the misuse of data wiping can destroy pieces of evidence to be spoiled in a digital forensic investigation. To cope with the misuse of data wiping, we proposed an anti-anti-forensic method based on NTFS transaction features and a machine leaming algorithm. This method allows investigators to obtain information regarding 'which files are wiped' and 'which data wiping tools and data sanitization standards used'. In this study, we achieved good identification of data wiping traces in the NTFS file system. Leveraging the efficiency of machine leaming mod els, our method effectively recognizes wiped partitions and files in the NTFS file system and identifies tools used in data sanitization. (C) 2020 Elsevier Ltd. All rights reserved. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | ELSEVIER ADVANCED TECHNOLOGY | - |
dc.title | De-Wipimization: Detection of data wiping traces for investigating NTFS file system | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Kim, Huy Kang | - |
dc.identifier.doi | 10.1016/j.cose.2020.102034 | - |
dc.identifier.scopusid | 2-s2.0-85090998215 | - |
dc.identifier.wosid | 000591706300003 | - |
dc.identifier.bibliographicCitation | COMPUTERS & SECURITY, v.99 | - |
dc.relation.isPartOf | COMPUTERS & SECURITY | - |
dc.citation.title | COMPUTERS & SECURITY | - |
dc.citation.volume | 99 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.subject.keywordAuthor | Cybercrime | - |
dc.subject.keywordAuthor | Anti-forensic | - |
dc.subject.keywordAuthor | Data wiping | - |
dc.subject.keywordAuthor | Machine leaming | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
(02841) 서울특별시 성북구 안암로 14502-3290-1114
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.