1 |
N. A. Hassan and R. Hijazi, "Data Hiding Techniques in Windows OS", Elsevier, 2017.
|
2 |
Ewa Huebner, Derek Bem and Cheong Kai Wee, "Data hiding in the NTFS file system,", Digital Investigation, Vol. 3, Issue 4, pp. 211-226, Dec. 2006.
DOI
|
3 |
Gyu-Sang Cho, "A New NTFS Anti-Forensic Technique for NTFS Index Entry," The Journal of Korea Institute of Information, Electronics, and Communication Technology, Vol. 8, No. 4, pp. 327-337, Aug. 2015.
DOI
|
4 |
Fu-Hau Hsu1 et al., "Data concealments with high privacy in new technology file system," Journal of Supercomputing, Vol. 72, Issue 1, pp 120-140, Jan. 2016.
DOI
|
5 |
Gyu-Sang Cho, "Data Hiding in NTFS Timestamps for Anti-Forensics", International Journal of Internet, Broadcasting and Communication, vol. 8, no. 3, pp. 31-40, Aug. 2016.
|
6 |
Neuner, S. et al., "Time is on my side: steganography in filesystem metadata," Digital Investigation, Vol. 18, Supplement 7, pp. S76-S86, Aug. 2016,
DOI
|
7 |
Thomas Gobel and Harald Baier, "Anti-forensics in ext4: On secrecy and usability of timestamp-based data hiding," Digital Investigation, Vol. 24, pp. s111-s120, Mar. 2018.
DOI
|
8 |
B. Carrier, "File System Forensic Analysis", Addison-Wesley, pp. 273-396, Mar. 2005
|
9 |
INFO: Working with the FILETIME Structure, https://support.microsoft.com/en-us/help/188768/info-worki ng-with-the-filetime-structure
|
10 |
G.-S. Cho, "A Computer Forensic Method for Detecting Timestamp Forgery in NTFS," Computer & Security, Vol. 34, pp. 36-46. May. 2013.
DOI
|
11 |
Chu Luo et al., "A Data Hiding Approach for Sensitive Smartphone Data," DOI: 10.1145/2971648. 2971686, Sep. 2016.
DOI
|
12 |
Wicher Minnaard, "Timestomping NTFS," IMSc final research project report, University of Amsterdam, Faculty of Natural Sciences, Mathematics and Computer Science, Jul. 2014.
|
13 |
Metasploit Anti Forensics Project, http://www.metaspl oit.com/research/projects/antiforensics/
|
14 |
SetMace, "https://github.com/jschicht/SetMace"
|
15 |
T. Knutsson, "Filesystem Timestamps: What Makes Them Tick?," SANS Institute InfoSec Reading Room, pp. 1-27, Mar. 2016.
|