Skip to Main Content
Digital Archaeology: The Art and Science of Digital Forensics
book

Digital Archaeology: The Art and Science of Digital Forensics

by Michael W. Graves
August 2013
Intermediate to advanced content levelIntermediate to advanced
600 pages
16h 8m
English
Addison-Wesley Professional
Content preview from Digital Archaeology: The Art and Science of Digital Forensics

9. Document Analysis

One of the great challenges for a digital investigator comes when the evidence is in plain sight but can’t be found—or isn’t recognized for what it is. Perhaps a file isn’t what it says it is. On the simplest level, a JPEG image file might be renamed with an AVI extension, making it appear to be a video file. More complex techniques employed by the bad guys include embedding files within files (alternate data streams) or even burying small files in the Windows Registry. This chapter covers some of these techniques and how to uncover the evidence.

File Identification

In theory, the easiest aspect of a file search is the process of identifying what kind of file it is. The Windows file systems (and less universally, other file ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

The Basics of Digital Forensics

The Basics of Digital Forensics

John Sammons
Digital Forensics

Digital Forensics

John Sammons

Publisher Resources

ISBN: 9780132853774Purchase book