Anti-Forensics and Anti-Anti-Forensics: Attacks and Mitigating Techniques for Digital-Forensic Investigations

DEF CON 20

Presented by: Michael Perklin
Date: Friday July 27, 2012
Time: 17:00 - 17:50
Location: Track 1

Digital investigations may be conducted differently by various labs (law enforcement agencies, private firms, enterprise corporations) but each lab performs similar steps when acquiring, processing, analyzing, or reporting on data. This talk will discuss techniques that criminals can use to throw wrenches into each of these steps in order to disrupt an investigation, and how they can even force evidence to be excluded from litigation. Each of these techniques can be detected early by an investigator who is aware of them, and they can be avoided if you know what to look for. Come learn about Anti-Forensic techniques, and the Anti-Anti-Forensic techniques that mitigate them.

Michael Perklin

Michael Perklin is a Senior Investigator and has performed digital-forensic examinations on over a thousand devices. Michael is a member of the High Technology Crime Investigations Association, a professor of digital forensics at Sheridan College, and is currently writing his thesis paper on anti-forensic techniques. Twitter: @mperklin


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats