Hiding MBR Formatted Storage Medium’s Partition on Linux-based Operating Systems

IEEESTEC 17TH (2024), (pp. 271–274)

AUTHOR(S): Vukadin Draskovic


DOI: 10.46793/IEEESTEC17.271D

ABSTRACT:

Digital forensics is a cybersecurity discipline that aims to reconstruct events that occur on digital devices. As such, it plays a key role in suppressing cybercrime. This paper examines digital forensics of storage mediums, focusing on Hard Disk Drives (HDDs), Solid State Drives (SSDs), and partitioning formats like Master Boot Record (MBR) and GUID Partition Table (GPT). Partition hiding is a common technique cybercriminals can use to conceal their actions; it is handled by a subtype of digital forensics called storage medium forensics. This paper proposes two different approaches to hiding disk partitions on Linux-based operating systems, followed by methods for detecting and recovering hidden partitions.

KEYWORDS:

digital forensics, cybersecurity, storage medium, HDD, SSD, partition, MBR, GPT, Linux
