The Art Of Defiling: Defeating Forensic Analysis On Unix File Systems presented at Blackhat Europe 2004

by The Grugq

Tags: Security Analysis Unix

Summary: The rise in prominence of incident response and digital forensic analysis has prompted a reaction from the underground community. Increasingly, attacks against forensic tools and methodologies are being used in the wild to hamper investigations. This talk will: familiarize the audience with Unix file system structures; examine the forensic tools commonly used; and explore the theories behind file system anti-forensic attacks. In addition, several implementations of new anti-forensic techniques will be released during the talk.