Abstract
A computer file signature is a unique hexadecimal value written to a file header that identifies the file type. As criminals become more aware of digitalization, they tend to hide sensitive file information within the computer itself rather than destroying it, using a variety of tricks. One of those tricks is to alter a file extension. Accordingly, a more adequate method of data analysis, known as file signature analysis, is needed to counter these measures, and it is done using hexadecimal editor software (HxD). A manipulated file can be opened in this software to obtain its file signature, which can then be searched in an online database (File Signatures Database) to determine the correct format (extension) of the file, defeating the attempt at concealment and bringing the hidden information to light.
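The check the abstract describes, reading a file's header bytes and comparing the signature with the extension in the file name, as an added Python example (not code from the paper). The signature table is a small subset of well-known magic numbers for formats in the abbreviations list, and the sample file names and contents are constructed for the demonstration.

```python
import tempfile
from pathlib import Path

# (offset, magic bytes, extensions that legitimately carry the signature)
SIGNATURES = [
    (0, bytes.fromhex("89504E470D0A1A0A"), {"png"}),
    (0, bytes.fromhex("FFD8FF"), {"jpg", "jpeg"}),
    (0, b"%PDF", {"pdf"}),
    (0, b"GIF8", {"gif"}),
    (0, b"II*\x00", {"tif", "tiff"}),   # little-endian TIFF
    (0, b"fLaC", {"flac"}),
    (8, b"WAVE", {"wav"}),              # type tag inside a RIFF container
]

def identify(header: bytes):
    # Return the extensions whose signature matches the header, or None.
    for offset, magic, exts in SIGNATURES:
        if header[offset:offset + len(magic)] != magic:
            continue
        if offset == 8 and not header.startswith(b"RIFF"):
            continue  # "WAVE" at offset 8 only counts after a RIFF tag
        return exts
    return None

def check_file(path) -> dict:
    # Compare the extension in the file name with the header signature.
    path = Path(path)
    with path.open("rb") as f:
        header = f.read(16)  # the signature sits in the first few bytes
    claimed = path.suffix.lstrip(".").lower()
    detected = identify(header)
    # "unknown" means no table entry matched; it is not proof of tampering.
    verdict = ("unknown" if detected is None
               else "match" if claimed in detected else "mismatch")
    return {"file": path.name, "claimed": claimed, "verdict": verdict,
            "detected": sorted(detected or []), "hex": header[:8].hex(" ").upper()}

def demo() -> list:
    # Constructed sample files: names and contents are made up for the demo.
    samples = {
        "holiday.jpg": bytes.fromhex("FFD8FFE0") + b"\x00\x10JFIF\x00",
        "notes.txt": b"%PDF-1.4\n% constructed",   # a PDF renamed to .txt
        "song.wav": b"RIFF\x24\x00\x00\x00WAVEfmt ",
        "blob.bin": b"\x00" * 16,
    }
    results = []
    with tempfile.TemporaryDirectory() as d:
        for name, data in samples.items():
            (Path(d) / name).write_bytes(data)
            results.append(check_file(Path(d) / name))
    return results
```

Calling `demo()` returns one row per sample; the `hex` field shows the same leading bytes an examiner would read in a hex editor.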
Abbreviations
- FTK: File Toolkit
- PDF: Portable Document Format
- JPG: Joint Photographic Expert Group
- PNG: Portable Network Graphics
- GIF: Graphic Interchange Format
- TIF: Tagged Image File
- FLAC: Free Lossless Audio File
- WAV: Waveform Audio File
- FLV: Flash Video
- WMV: Windows Media Video
- HTML: Hyper Text Markup Language
Acknowledgements
I would like to express my heartfelt gratitude to my Head of the Department and Dean of School of Basic and Applied Sciences, Galgotias University, Greater Noida, for giving me an auspicious opportunity to begin a project of my own. Their benevolent and supporting nature has always guided me toward the successful completion of this paper.
Copyright information
© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Sourabh, S., Chauhan, M. (2021). Computer File Signature Analysis Through Hexadecimal Editor Software. In: Abraham, A., Castillo, O., Virmani, D. (eds) Proceedings of 3rd International Conference on Computing Informatics and Networks. Lecture Notes in Networks and Systems, vol 167. Springer, Singapore. https://doi.org/10.1007/978-981-15-9712-1_9
DOI: https://doi.org/10.1007/978-981-15-9712-1_9
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-9711-4
Online ISBN: 978-981-15-9712-1
eBook Packages: Engineering (R0)