Data concealments with high privacy in new technology file system

Fu Hau Hsu, Min Hao Wu, Syun Cheng Ou, Shiuh Jeng Wang

研究成果: 雜誌貢獻期刊論文同行評審

2 引文 斯高帕斯(Scopus)

摘要

This paper proposes a new approach, called file concealer (FC), to conceal files in a computer system. FC modifies metadata about a file in NTFS (New Technology File System) to hide the file. Unlike traditional hooking methods which can be easily detected by antivirus software, experimental results show that it is difficult for antivirus software to detect the files hidden by FC. Moreover, to enhance the concealment capability of FC, FC also rearranges the order of some data sectors of a hidden file. As a result, even if another person finds the original sectors used by the hidden file, it is difficult for him to recover the original content of the hidden file. Experimental results show that even data recovery tools cannot restore the content of a hidden file. All information that is required to restore a hidden file is stored in a file, called recovery file hereafter. When a user uses FC to hide a file, the user can specify any file as a host file, such as an image file, to which the recovery file will be appended. As a result, the user can easily restore a hidden file; however, it is difficult for other person to detect or restore the hidden file and the related recovery file.

原文???core.languages.en_GB???
頁(從 - 到)120-140
頁數21
期刊Journal of Supercomputing
72
發行號1
DOIs
出版狀態已出版 - 1 1月 2016

指紋

深入研究「Data concealments with high privacy in new technology file system」主題。共同形成了獨特的指紋。

引用此