A novel hybrid method for effective identification and extraction of digital evidence masked by steganographic techniques in WAV and MP3 files

Ghanem, Mohamed Chahine, Uribarri, Maider D., Djemai, Ramzi, Dunsin, Dipo and Araujo, Istteffanny Isloure (2023) A novel hybrid method for effective identification and extraction of digital evidence masked by steganographic techniques in WAV and MP3 files. Journal of Information Security and Cybercrimes Research, 6 (2). pp. 89-104. ISSN 1658-7790

2508-Manuscript (Without Author Details) _-21309-1-10-20231231.pdf - Published Version
Available under License Creative Commons Attribution Non-commercial 4.0.

Download (1MB) | Preview
Official URL: https://journals.nauss.edu.sa/index.php/JISCR/arti...

Abstract / Description

Anti-forensics techniques, particularly steganography and cryptography, have become increasingly pressing issues affecting current digital forensics practices. This paper advances the automation of hidden evidence extraction in audio files by proposing a novel multi-approach method. This method facilitates the correlation between unprocessed artefacts, indexed and live forensics analysis, and traditional steganographic and cryp- tographic detection techniques. In this work, we opted for experimental research methodology in the form of a quantitative analysis of the efficiency of the proposed automation in detecting and extracting hidden artefacts in WAV and MP3 audio files. This comparison is made against standard industry systems. This work advances the current automation in extracting evidence hidden by cryptographic and steganographic techniques during forensic investigations. The proposed multi-approach demonstrates a clear enhancement in terms of cover- age and accuracy, notably on large audio files (MP3 and WAV), where manual forensic analysis is complex, time-consuming and requires significant expertise. Nonetheless, the proposed multi-approach automation may occasionally produce false positives (detecting steganography where none exists) or false negatives (failing to detect steganography that is present). However, it strikes a good balance between efficiently and effectively detecting hidden evidence, minimising false negatives and validating its reliability.

Item Type: Article
Uncontrolled Keywords: anti-forensics; steganography; steganalysis; cryptography; data hiding; digital forensics; cybercrime investigation; WAV; MP3; Exterro FTK; Magnet AXIOM
Subjects: 000 Computer science, information & general works
600 Technology
Department: School of Computing and Digital Media
Depositing User: Mohamed Ghanem
Date Deposited: 03 Jan 2024 17:02
Last Modified: 02 Feb 2024 15:36
URI: https://repository.londonmet.ac.uk/id/eprint/9033


Downloads per month over past year

Downloads each year

Actions (login required)

View Item View Item