数据隐藏在XFS文件系统中

IF 2 4区医学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

Forensic Science International-Digital Investigation Pub Date : 2025-02-06 DOI:10.1016/j.fsidi.2025.301884

Fergus Toolan, Georgina Humphries

{"title":"数据隐藏在XFS文件系统中","authors":"Fergus Toolan, Georgina Humphries","doi":"10.1016/j.fsidi.2025.301884","DOIUrl":null,"url":null,"abstract":"<div><div>The ever increasing volume of anti-forensic tools and the growth in data hiding at the file system level has led to research in data hiding techniques in recent years. These techniques have focused on common file systems such as NTFS and the ext family. Less common file systems can also be used as a means of hiding data. This paper examines data hiding in the XFS file system, the default file system on all Red Hat Enterprise Linux distributions. The paper introduces five methods of data hiding in XFS and evaluates these techniques using the metrics of capacity, the amount of data that can be hidden, detection difficulty, the effort required to detect hidden data, and stability, the likelihood that the hidden data will persist through file system usage.</div></div>","PeriodicalId":48481,"journal":{"name":"Forensic Science International-Digital Investigation","volume":"52 ","pages":"Article 301884"},"PeriodicalIF":2.0000,"publicationDate":"2025-02-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Data hiding in the XFS file system\",\"authors\":\"Fergus Toolan, Georgina Humphries\",\"doi\":\"10.1016/j.fsidi.2025.301884\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The ever increasing volume of anti-forensic tools and the growth in data hiding at the file system level has led to research in data hiding techniques in recent years. These techniques have focused on common file systems such as NTFS and the ext family. Less common file systems can also be used as a means of hiding data. This paper examines data hiding in the XFS file system, the default file system on all Red Hat Enterprise Linux distributions. The paper introduces five methods of data hiding in XFS and evaluates these techniques using the metrics of capacity, the amount of data that can be hidden, detection difficulty, the effort required to detect hidden data, and stability, the likelihood that the hidden data will persist through file system usage.</div></div>\",\"PeriodicalId\":48481,\"journal\":{\"name\":\"Forensic Science International-Digital Investigation\",\"volume\":\"52 \",\"pages\":\"Article 301884\"},\"PeriodicalIF\":2.0000,\"publicationDate\":\"2025-02-06\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Forensic Science International-Digital Investigation\",\"FirstCategoryId\":\"3\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S266628172500023X\",\"RegionNum\":4,\"RegionCategory\":\"医学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Forensic Science International-Digital Investigation","FirstCategoryId":"3","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S266628172500023X","RegionNum":4,"RegionCategory":"医学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

近年来，随着反取证工具数量的不断增加和文件系统级数据隐藏技术的发展，数据隐藏技术得到了广泛的研究。这些技术关注的是常见的文件系统，如NTFS和ext系列。不太常见的文件系统也可以用作隐藏数据的手段。本文研究隐藏在XFS文件系统中的数据，XFS是所有Red Hat Enterprise Linux发行版的默认文件系统。本文介绍了在XFS中隐藏数据的五种方法，并使用容量、可隐藏的数据量、检测难度、检测隐藏数据所需的工作量以及稳定性（隐藏数据在使用文件系统时持续存在的可能性）等指标来评估这些技术。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Data hiding in the XFS file system

The ever increasing volume of anti-forensic tools and the growth in data hiding at the file system level has led to research in data hiding techniques in recent years. These techniques have focused on common file systems such as NTFS and the ext family. Less common file systems can also be used as a means of hiding data. This paper examines data hiding in the XFS file system, the default file system on all Red Hat Enterprise Linux distributions. The paper introduces five methods of data hiding in XFS and evaluates these techniques using the metrics of capacity, the amount of data that can be hidden, detection difficulty, the effort required to detect hidden data, and stability, the likelihood that the hidden data will persist through file system usage.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Forensic Science International-Digital Investigation Multiple-

CiteScore

5.90

自引率

15.00%

发文量

审稿时长

76 days