Abstract:
Criminals employ steganography, a form of anti-forensics, to conceal information within other files, complicating the retrieval of original evidence in digital crimes and impeding investigations. Digital forensic analysts must employ appropriate tools to uncover hidden messages. This research aims to detect concealed files in digital evidence using steganography analysis techniques. The study utilizes the Improved Generic Forensics Investigation Model framework, comprising seven stages: pre-process, collection and preservation, examination, analysis, reporting, presentation, and post-process. Tools such as FexImager for extracting forensic images from the digital evidence, Hiderman, and StegSpy were employed specifically for steganography analysis, while OSForensics and WinHex were utilized for forensic analysis. The results demonstrate the effectiveness of StegSpy and Hiderman in identifying the steganography in 18 files out of 20, and the OSForensics tool in detecting mismatched files. Furthermore, this experiment provides empirical evidence supporting the proficiency of the Improved Generic Forensics Investigation Model in steganography detection.
|