DETECTION AND IMPLEMENTATION OF ALTERNATE DATA STREAMS IN THE COMPUTER AND NETWORK SYSTEMS

Authors

  • Petar Boyanov, DEPARTMENT OF COMMUNICATION AND COMPUTER TECHNOLOGY, FACULTY OF TECHNICAL SCIENCES, KONSTANTIN PRESLAVSKY UNIVERSITY OF SHUMEN, SHUMEN 9712, 115 UNIVERSITETSKA STR.

DOI:

https://doi.org/10.46687/jsar.v7i1.163

Keywords:

Alternate Data Streams, Computer and network systems, Windows Server, Detection, Implementation

Abstract

This paper presents a general approach to the detection and implementation of Alternate Data Streams in the Windows Server 2008 R2 operating system. It is important for every system administrator and security professional to be able to detect and analyze the different types of alternate data streams. These streams can hide sensitive, secret or malicious files that can damage computer and network resources.

Author Biography

Petar Boyanov, DEPARTMENT OF COMMUNICATION AND COMPUTER TECHNOLOGY, FACULTY OF TECHNICAL SCIENCES, KONSTANTIN PRESLAVSKY UNIVERSITY OF SHUMEN, SHUMEN 9712, 115 UNIVERSITETSKA STR.

ORCID iD: https://orcid.org/0000-0003-3668-6713

Published

11.03.2023

How to Cite

Boyanov, P. (2023). DETECTION AND IMPLEMENTATION OF ALTERNATE DATA STREAMS IN THE COMPUTER AND NETWORK SYSTEMS: DETECTION AND IMPLEMENTATION OF ALTERNATE DATA STREAMS IN THE COMPUTER AND NETWORK SYSTEMS. JOURNAL SCIENTIFIC AND APPLIED RESEARCH, 7(1), 34–42. https://doi.org/10.46687/jsar.v7i1.163
