2016 Symposium Posters

Posters > 2016

Deceptive Memory Systems – Countering Anti-Forensics with Deception


Primary Investigator:
Saurabh Bagchi

Project Members
Christopher N. Gutierrez, Eugene Spafford, Saurabh Bagchi
The identification and preservation of digital evidence are crucial to uncovering the truth in digital crime. The computing systems that criminals compromise may store forensically valuable information. However, a sophisticated attacker can also compromise the integrity or availability of forensically valuable information. This work explores the use of deception to enhance the preservation of forensically valuable data objects through Deceptive Memory Systems (DecMS). When an attacker attempts to purge or modify evidence, DecMS migrates the evidence into a container and tricks the adversary into believing that their malicious action was successful. A forensic examiner may then run additional analysis on the potential evidence stored in the container.

Our annual information security symposium will take place on April 3rd and 4th, 2018.
Purdue University, West Lafayette, IN