• DocumentCode
    253391
  • Title

    ADS: Protecting NTFS from hacking

  • Author

    Mahajan, Rashima ; Singh, Monika ; Miglani, Sumit

  • Author_Institution
    CSED, Thapar Univ., Patiala, India
  • fYear
    2014
  • fDate
    9-11 May 2014
  • Firstpage
    1
  • Lastpage
    4
  • Abstract
    Alternate Data Streams is one of the possible ways to hide data in NTFS file system in Windows. It was introduced to make Windows NTFS compatible with HFS file system of Macintosh. This paper explains what exactly alternate data streams are, their requirement and their functionality. It also explains whether alternate data streams is a feature or a vulnerability of NTFS file system. It explains how hacker can utilize this functionality of NTFS to hide malicious codes in victim´s machine so as to compromise it. All possible ways of hiding data and techniques for detecting and removing ADS are also explained. It mainly focuses on criminals who use various data hiding techniques in order to hide their data from the forensic analysts. Finally its main focus is on explaining an ADS Tool that is a graphical tool which enables user to create, start, detect and delete ADS.
  • Keywords
    computer crime; data encapsulation; digital forensics; storage management; ADS tool; HFS file system; Macintosh; NTFS file system; Windows NTFS; alternate data streams; data hiding techniques; forensic analyst; graphical tool; hacking; malicious codes; File systems; Streaming media; Alternate Data Streams; HFS; NTFS; creation; deletion; detection;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Recent Advances and Innovations in Engineering (ICRAIE), 2014
  • Conference_Location
    Jaipur
  • Print_ISBN
    978-1-4799-4041-7
  • Type

    conf

  • DOI
    10.1109/ICRAIE.2014.6909325
  • Filename
    6909325
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=253391