Skip to main content
SpringerLink
Log in

Computer File Signature Analysis Through Hexadecimal Editor Software

  • Conference paper
  • First Online:
Proceedings of 3rd International Conference on Computing Informatics and Networks

Part of the book series: Lecture Notes in Networks and Systems ((LNNS,volume 167))

  • 820 Accesses

Abstract

Computer file signature is a unique hexadecimal value written to a file header that acts as an identifying feature to identify a file type, as criminals are becoming more and more aware of digitalization these days; they tend to hide sensitive file information within the computer itself without destroying it using tricks to work for them. One of those tricks is to alter a file extension. Accordingly, a more adequate method of data analysis, known as file signature analysis, is needed to counter these measures, and it is done using hexadecimal editor software (HxD). A manipulated computer file can be opened in this software to get its file signature which can be further searched in online database (File Signatures Database) detecting the correct format (extension) of the file rendering criminals plotting to fail and by bringing the hidden information into light.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Abbreviations

FTK:

File Toolkit

PDF:

Portable Document Format

JPG:

Joint Photographic Expert Group

PNG:

Portable Network Graphics

GIF:

Graphic Interchange Format

TIF:

Tagged Image File

FLAC:

Free Lossless Audio File

WAV:

Waveform Audio File

FLV:

Flash Video

WMV:

Windows Media Video

HTML:

Hyper Text Markup Language

References

  1. Carrier B (2005) File system forensic analysis. Addison-Wesley

    Google Scholar 

  2. Koblitz N, Menezes AJ (2007) Another look at provable security. J Crypt

    Google Scholar 

  3. Mohay G, Anderson A, Collie B, De Vel OM, Kemmish R (2003) Computer and intrusion forensics. Artech House, MA, USA

    Google Scholar 

  4. HxD Computer Forensic Software Homepage. https://www.mh_nexus.de/en/hxd. Last accessed 21 Feb 2020

    Google Scholar 

  5. File Signature Database Homepage. https://www.filesignatures.net. Last accessed 13 Apr 2020

  6. Burr WE Cryptographic hash standards where do we go from here? In: IEEE security and privacy, pp 88–91

    Google Scholar 

  7. The Forensics Toolkit Homepage. https://www.accesssdata.com. Last accessed 12 Feb 2020

  8. Guidance Software Encase Homepage. https://www.guidancesoftware.com. Last accessed 21 Feb 2020

  9. Jhead Homepage. https://www.sentex.net/~mwandle/jhead/. Last accessed 21 Feb 2020

  10. DataLifter, Computer Forensics Software Homepage. https://www.datalifter.com. Last accessed 21 Feb 2020

  11. Haggerty TT (2007) FORSIGS-New approaches for security, privacy and trust in complex environments. In: Proceedings of the IFIP TC-11 22nd international information security conference, Sandton, South Africa, pp 1–12

    Google Scholar 

  12. Yip M (2008) Signature Analysis and computer forensics. School of Computer Science, University of Birmingham, UK, pp 1–11

    Google Scholar 

  13. Karresand M, Shahmehri N (2006) File type identification of data fragments by their binary structure. In: Proceedings of the 2006 IEEE workshop on information assurance, US Military Academy, West Point NY, 21–23 June 2006

    Google Scholar 

  14. Li X, Seberry J (2003) Forensic computing. In: Proceedings of lNDOCRYPT, New Delhi, India, LNCS 2904, Springer, pp 18–35, 8–10 Dec 2003

    Google Scholar 

  15. Ying Z, Robertazzi TG (2014) Signature searching in a networked collection of files. In: IEEE Trans Parallel Distrib Syst 25:1339–1348

    Google Scholar 

  16. McClelland D, Marturana F (2014) A digital forensics triage methodology based on feature manipulation techniques. In: Proceedings of the international conference on communications workshops, Sydney, Australia, pp 676–681

    Google Scholar 

  17. Richard GG, Roussev V (2005) Scalpel: a frugal, high performance file carver. In: Proceedings of digital forensic research workshop, New Orleans, USA, 17–19 Aug 2005

    Google Scholar 

  18. GCK’s File Signatures Table Homepage. https://graykessler.net/library/file_sigs.html. Last accessed 16 Apr 2020

Download references

Acknowledgements

I would like to express my heartfelt gratitude to my Head of the Department and Dean of School of Basic and Applied Sciences, Galgotias University, Greater Noida, for giving me with an auspicious opportunity to begin a project of my own. Their benevolent and supporting nature has always guided me toward the successful completion of this paper.

Author information

Authors and Affiliations

  1. Division of Forensic Science, School of Basic and Applied Sciences, Galgotias University, Greater Noida, UP, 201310, India

    Shshank Sourabh & Monika Chauhan

Authors
  1. Shshank Sourabh
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Monika Chauhan
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Monika Chauhan .

Editor information

Editors and Affiliations

  1. Scientific Network for Innovation and Research Excellence, Machine Intelligence Research Labs (MIR Labs), Auburn, WA, USA

    Ajith Abraham

  2. Tijuana Institute of Technology, Tijuana, Mexico

    Oscar Castillo

  3. Bhagwan Parshuram Institute of Technology, New Delhi, India

    Deepali Virmani

Rights and permissions

Reprints and permissions

Copyright information

© 2021 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Sourabh, S., Chauhan, M. (2021). Computer File Signature Analysis Through Hexadecimal Editor Software. In: Abraham, A., Castillo, O., Virmani, D. (eds) Proceedings of 3rd International Conference on Computing Informatics and Networks. Lecture Notes in Networks and Systems, vol 167. Springer, Singapore. https://doi.org/10.1007/978-981-15-9712-1_9

Download citation

  • DOI: https://doi.org/10.1007/978-981-15-9712-1_9

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-9711-4

  • Online ISBN: 978-981-15-9712-1

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation