Digital Forensics of Microsoft Office 2007-2013 Documents to Prevent Covert Communication

被引:12
作者
Fu, Zhangjie [1 ,2 ]
Sun, Xingming [1 ,2 ]
Xi, Jie [1 ,2 ]
机构
[1] Nanjing Univ Informat Sci & Technol, Coll Comp & Software, Nanjing 210044, Jiangsu, Peoples R China
[2] Nanjing Univ Informat Sci & Technol, Jiangsu Engn Ctr Network Monitoring, Nanjing 210044, Jiangsu, Peoples R China
来源
JOURNAL OF COMMUNICATIONS AND NETWORKS | 2015年 / 17卷 / 05期
关键词
Covert communication; digital forensics; Microsoft Office 2007-2013; OOXML format; security;
D O I
10.1109/JCN.2015.000091
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
MS Office suit software is the most widely used electronic documents by a large number of users in the world, which has absolute predominance in office software market. MS Office 20072013 documents, which use new office open extensible markup language (OOXML) format, could be illegally used as cover mediums to transmit secret information by offenders, because they do not easily arouse others suspicion. This paper proposes nine forensic methods and an integrated forensic tool for OOXML format documents on the basis of researching the potential information hiding methods. The proposed forensic methods and tool cover three categories; document structure, document content, and document format. The aim is to prevent covert communication and provide security detection technology for electronic documents downloaded by users. The proposed methods can prevent the damage of secret information embedded by offenders. Extensive experiments based on real data set demonstrate the effectiveness of the proposed methods.
引用
收藏
页码:525 / 533
页数:9
相关论文
共 16 条
[1]  
Cantrell G., 2004, Proceedings of the 2004 International Symposium on Information and Communication Technologies, P146
[2]  
Carrier B., 2003, International Journal of digital evidence, V1, P1
[3]  
Castiglione A, 2011, J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl., V2, P59
[4]   Taking advantages of a disadvantage: Digital forensics and steganography using document metadata [J].
Castiglione, Aniello ;
De Santis, A. ;
Soriente, C. .
JOURNAL OF SYSTEMS AND SOFTWARE, 2007, 80 (05) :750-764
[5]   Achieving Efficient Cloud Search Services: Multi-Keyword Ranked Search over Encrypted Cloud Data Supporting Parallel Computing [J].
Fu, Zhangjie ;
Sun, Xingming ;
Liu, Qi ;
Zhou, Lu ;
Shu, Jiangang .
IEICE TRANSACTIONS ON COMMUNICATIONS, 2015, E98B (01) :190-200
[6]   Forensic investigation of OOXML format documents [J].
Fu, Zhangjie ;
Sun, Xingming ;
Liu, Yuling ;
Li, Bo .
DIGITAL INVESTIGATION, 2011, 8 (01) :48-55
[7]   New XML-based Files [J].
Garfinkel, Simson L. ;
Migletz, James J. .
IEEE SECURITY & PRIVACY, 2009, 7 (02) :38-44
[8]   Incremental Support Vector Learning for Ordinal Regression [J].
Gu, Bin ;
Sheng, Victor S. ;
Tay, Keng Yeow ;
Romano, Walter ;
Li, Shuo .
IEEE TRANSACTIONS ON NEURAL NETWORKS AND LEARNING SYSTEMS, 2015, 26 (07) :1403-1416
[9]   Segmentation-Based Image Copy-Move Forgery Detection Scheme [J].
Li, Jian ;
Li, Xiaolong ;
Yang, Bin ;
Sun, Xingming .
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2015, 10 (03) :507-518
[10]   New steganographic method for data hiding in Microsoft Word documents by a change tracking technique [J].
Liu, Tsung-Yuan ;
Tsai, Wen-Hsiang .
IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2007, 2 (01) :24-30
12