The Research of Fast File Destruction Based on NTFS
NTFS has become the main file system of Windows. Computer users access data by file system. While deleting a file, the file system only makes some marks but not erase the MFT record and data field, it leaves many traces on the disk. Through certain data recovery means, the deleted file still can be reconstruction. Therefore, file destruction is crucial importance to some secret files. This paper, not only do we introduce the basal principle of NTFS, but also propose an efficient method to destroy file or directory by analyzing the change of file system while deleting a file. This research has significant value in computer privacy protection, classified protection of security information and anti-forensics.
KeywordsNTFS file destruction computer anti-forensics B+ Tree file system
Unable to display preview. Download preview PDF.
- 1.Marin: Data reproduce. Tsinghua University Press, Beijing (2009)Google Scholar
- 2.Dai, S.: Technology of data recovery. Electronic Industry Press, Beijing (2005)Google Scholar
- 3.Huang, B.: Analysis of traces on storage media by file operation for NTFS file system. Computer Engineering 33, 281–283 (2007)Google Scholar
- 4.Wu, W., Lu, Q., Wang, Z., Su, Q.: Dynamic analysis of B+ tree structure of index in NTFS directory. Computer Engineering and Design 31, 4843–4846 (2010)Google Scholar
- 5.Wen, D., Fan, B.: Secure file erasing for NTFS file system. Computer Knowledge and Technology 20, 5463–5464 (2010)Google Scholar
- 6.Wang, X.: Algorithmic Design And Analysis. Tsinghua University Press, Beijing (2008)Google Scholar
- 7.Lippman, S.B., Lajoie, J., Moo, B.E.: C++ Primer. Posts & Telecom Press (2006)Google Scholar