The application and effectiveness of Hex editor Forensic in investigating cybercrime
Abstract
Information Technology usage and development has improved the efficiency and the flexibility of service provision among a number of institutions. While the process of computerization is taking place at a very high speed, the security surrounding the critical asset of IT is a major growing concern for the top management. The application of the digital forensic concept can therefore be helpful in curbing problems associated with cybercrime. The use of concepts relating to digital forensic investigation of criminal activities and digital forensics will, therefore, tackle the problem with finding digital evidence in cybercrimes. Hex editor is one of the various digital forensic investigation tools that allow the use of Hash Sets for identifying known safe files in program and operating system files. The tool is essential for identifying suspected files like Trojans, viruses, and hacker scripts. The paper seeks to establish the effectiveness of Hex editor in information technology security risk management. That is, the capabilities of Hex editor and the accuracy of Hex editor with regards to retrieving and analyzing data from a hard disc or drive in order to investigate and curb information technology security risk at the workplace. The researcher performed investigation on a Mozilla FxOS running on a phone released by Peak group in which case the researcher aimed to retrieve previous images that had been sent through the phone. In overall, Hex editor was able to identify the images and content of information that had been shared via the phone. Therefore, Hex editor is vital in identification, extraction, analysis, and presentation of digital evidence contained in digital devices. It is an effective tool that can be used by organizations for Forensic information technology security risk management. Keywords: Hex editor; Cybercrime; Digital Forensic; Investigation; technology, security, risk
References
Hsu, Y.M. and Chang, C.C., 2011. Analysis and improvement on frequency sensitivity of series photodetector frequency circuit system and its application for HEX fluorescence measurement. Optical Engineering, 50(4), p.044401.
Schaefer, T., Höfken, H. and Schuba, M., 2011, October. Windows phone 7 from a digital forensics’ perspective. In International Conference on Digital Forensics and Cyber Crime (pp. 62-76). Springer, Berlin, Heidelberg.
Simon, M. and Slay, J., 2010, February. Recovery of skype application activity data from physical memory. In 2010 International Conference on Availability, Reliability and Security (pp. 283-288). IEEE.
Blakeley, B., Cooney, C., Dehghantanha, A. and Aspin, R., 2015, November. Cloud storage forensic: hubiC as a case-study. In 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom) (pp. 536-541). IEEE.
LeMaster, A., 2011. Heap spray detection with heap inspector. Blackhat USA, Las Vegas, Nevada, US.
Naick, B.D. and Bachalla, N., 2016. Application of Digital Forensics in Digital Libraries. International Journal of Library & Information Science (IJLIS), 5(2), pp.89-94.
Jain, N. and Kalbande, D.R., 2015, September. Computer forensic tool using history and feedback approach. In 2015 4th International Conference on Reliability, Infocom Technologies and Optimization (ICRITO)(Trends and Future Directions) (pp. 1-5). IEEE.
Ryczkowski, A. and Piotrowski, T., 2011. Tomotherapy archive structure and new software tool for loading and advanced analysis of data contained in it. Reports of Practical Oncology & Radiotherapy, 16(2), pp.58-64.
Sanchez, L. (2017). Multiplatformní HEX editor (Bachelor's thesis, České vysoké učení technické v Praze. Vypočetní a informační centrum.).
Sun, J.L., Zhang, S.W., Huang, S. and Hui, Z.W., 2018, July. Design and application of a Sikuli based capture-replay tool. In 2018 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C) (pp. 42-44). IEEE.
