Search papers, labs, and topics across Lattice.
This paper presents a systematic literature review of 123 publications on anti-forensics, analyzing techniques, attack vectors, and research practices across digital forensic subdomains. The study quantifies the prevalence of different anti-forensic techniques and their application in areas like network, memory, and file system forensics. The analysis identifies common research motivations and ethical considerations, ultimately proposing directions for a more coherent and ethically sound approach to anti-forensics research.
Anti-forensic techniques are not just for criminals; understanding them is crucial for fortifying digital forensics, yet the field lacks a consistent definition and faces ethical quandaries.
Anti-forensics includes a growing set of techniques designed to obstruct forensic analysis. While cybercriminals increasingly rely on these methods, they also help researchers identify and remedy weaknesses in forensic tools, advancing the overall robustness of digital forensics. Despite repeated efforts to define it, anti-forensics remains vague and inconsistent in its use. It also poses ethical challenges regarding the appropriateness of research practices and the legitimacy of the field itself. This article presents a systematic analysis of 123 publications on anti-forensics, combining qualitative and quantitative methods. We quantify the main techniques and attack vectors, examine their occurrence in different digital forensic subdomains, and identify typical research methods, motivations, and applications. This work also discusses what these findings mean for future research and proposes directions for building a more coherent and ethically grounded understanding of anti-forensics.