Ghanem, Mohamed Chahine, Uribarri, Maider D., Djemai, Ramzi, Dunsin, Dipo and Araujo, Istteffanny Isloure (2023) A novel hybrid method for effective identification and extraction of digital evidence masked by steganographic techniques in WAV and MP3 files. Journal of Information Security and Cybercrimes Research, 6 (2). pp. 89-104. ISSN 1658-7790
Anti-forensics techniques, particularly steganography and cryptography, have become increasingly pressing issues affecting current digital forensics practices. This paper advances the automation of hidden evidence extraction in audio files by proposing a novel multi-approach method. This method facilitates the correlation between unprocessed artefacts, indexed and live forensics analysis, and traditional steganographic and cryp- tographic detection techniques. In this work, we opted for experimental research methodology in the form of a quantitative analysis of the efficiency of the proposed automation in detecting and extracting hidden artefacts in WAV and MP3 audio files. This comparison is made against standard industry systems. This work advances the current automation in extracting evidence hidden by cryptographic and steganographic techniques during forensic investigations. The proposed multi-approach demonstrates a clear enhancement in terms of cover- age and accuracy, notably on large audio files (MP3 and WAV), where manual forensic analysis is complex, time-consuming and requires significant expertise. Nonetheless, the proposed multi-approach automation may occasionally produce false positives (detecting steganography where none exists) or false negatives (failing to detect steganography that is present). However, it strikes a good balance between efficiently and effectively detecting hidden evidence, minimising false negatives and validating its reliability.
Available under License Creative Commons Attribution Non-commercial 4.0.
Download (1MB) | Preview
View Item |