COS 413 Day 15. Agenda Assignment 4 corrected –2 A’s, 5 B’s, 1 C and 1 non-submit Assignment 5 Due Assignment 6 will be assigned next week Lab 4 write-up.

Slides:



Advertisements
Similar presentations
Introduction to Computer Graphics Raster Vs. Vector COMMUNICATION TECHNOLOGY.
Advertisements

Chapter 10 Recovering Graphics Files
Chapter 8 Recovering Graphics Files
Multimedia for the Web: Creating Digital Excitement Multimedia Element -- Graphics.
COS/PSA 413 Day 18. Agenda Lab 9 write-up grades –2 A’s, 1 B, 1 D and 1 F –Answer the questions with a minimal amount of BS –I will start taking off points.
Chapter 10 Recovering Graphics Files Guide to Computer Forensics and Investigations Third Edition.
2.01 Understand Digital Raster Graphics
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Image and Sound Editing Raed S. Rasheed Image Image. Digital image. – Raster images. – Vector Images. – Stereo Images. – Image File Formats Lossless.
File Formats By Jack Turner. Raster (Bitmap) Raster or bitmap is a dot matrix data structure, containing columns of dots and rows, of a graphics image.
SAK INTRODUCTION TO COMPUTER FORENSICS Chapter 7 Image Files Forensics
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #12 Computer Forensics Analysis/Validation and Recovering Graphic.
Web Design, 4 th Edition 5 Typography and Images.
File Formats Different applications (programs) store data in different formats. Applications support some file formats and not others. Open…, Save…, Save.
Week 6 Digital Photography File Formats October 14, 2005.
Prepared by George Holt Digital Photography BITMAP GRAPHIC ESSENTIALS.
Graphics.
File Formats COM 366 Web Design & Layout. Native file format –Format native to software program –.psd > PhotoShop default Preserves layers –Use “Save.
Chapter 10 Recovering Graphics Files Guide to Computer Forensics and Investigations Third Edition.
Presentation Design: Graphics. More About Color “Bit depth” of colors -- This is based on the smallest unit of information that a computer understands.
8 Using Web Graphics Section 8.1 Identify types of graphics Identify and compare graphic formats Describe compression schemes Section 8.2 Identify image.
HTML presentation Graphics H format H data compression H size H creating or finding H publishing.
Computer Concepts 2014 Chapter 8 Digital Media. 8 Digital Audio Basics  Sampling a sound wave Chapter 8: Digital Media 2.
Digital Darkroom I Theresa L. Ford. Objectives Basic Digital Image Terminology Screen Display of Pictures –Why are pictures too big for the screen? –Why.
Section 8.1 Create a custom theme Design a color scheme Use shared borders Section 8.2 Identify types of graphics Identify and compare graphic formats.
Information Processes and Technology Multimedia: Graphics.
Chapter 14 Working with Graphics. 2Practical PC 5 th Edition Chapter 14 Getting Started In this Chapter, you will learn: − About different graphics you.
Guide to Computer Forensics and Investigations, Second Edition Chapter 11 Recovering Image Files.
File Formats Different applications (programs) store data in different formats. Applications support some file formats and not others. Open…, Save…, Save.
Photoshop Photoshop works with bitmapped, digitized images (that is, continuous-tone images that have been converted into a series of small squares, or.
Chapter 2 File Format Objectives (1 of 2) Identify the difference between vector based graphics and bitmap-based graphics Clarify bitmap and vector graphic.
Unit 1: Task 1 By Abbie Llewellyn. Vector Graphic Software (Corel Draw) Computer graphics can be classified into two different categories: raster graphics.
Chapter 3 Image Files © 2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,
Raster Graphics 2.01 Investigate graphic image design.
Chapter 8B Graphics and Multimedia. 8B-2 Graphic File Formats Bitmapped images –Most common image type –Also called raster images –Image is drawn using.
Chapter 8 Recovering Graphics Files
Image File Formats. What is an Image File Format? Image file formats are standard way of organizing and storing of image files. Image files are composed.
Graphics Concepts Presentation
Chapter 1 Definitions & Basics of Digital Image 1.Image 2.Digital Image 3.Raster 4. Vector 5.Image Editing 1.
Software Design and Development Storing Data Part 2 Text, sound and video Computing Science.
13 June – Session : Graphics Different types of Graphics for the web Features of image editing software Good practice for image editing.
2.01 Understand Digital Raster Graphics
Bitmap vs. Vector How computers work with photographs and drawings.
Chapter 14 Working with Graphics
Section 8.1 Section 8.2 Create a custom theme Design a color scheme
2.01 Understand Digital Raster Graphics
File Formats Different applications (programs) store data in different formats. Applications support some file formats and not others. Open…, Save…, Save.
2.01 Understand Digital Raster Graphics
Digital Imaging 101 Ann Ware.
2.01 Understand Digital Raster Graphics
Image Formats.
2.01 Investigate graphic image design.
Digital Forensics 2 Lecture 2: Understanding steganography in graphic files Presented by : J.Silaa Lecture: FCI Based on Guide to Computer Forensics and.
Graphics Basics Ellen Eyth.
"Digital Media Primer" Yue-Ling Wong, Copyright (c)2013 by Pearson Education, Inc. All rights reserved.
Digital Images.
Image File Size and File Compression
1.01 Investigate graphic types and file formats.
Graphics Basic Concepts.
2.01 Understand Digital Raster Graphics
Chapter 10 Recovering Graphics Files
Terms 1 Terms 2 Terms 3 Terms 4 Terms 5 1pt 1 pt 1 pt 1pt 1 pt 2 pt
2.01 Investigate graphic image design.
2.01 Understand Digital Raster Graphics
2.01 Investigate graphic image design.
Building an Online Store
"Digital Media Primer" Yue-Ling Wong, Copyright (c)2013 by Pearson Education, Inc. All rights reserved.
2.01 Investigate graphic image design.
1 Guide to Computer Forensics and Investigations Sixth Edition Chapter 8 Recovering Graphics Files.
Presentation transcript:

COS 413 Day 15

Agenda Assignment 4 corrected –2 A’s, 5 B’s, 1 C and 1 non-submit Assignment 5 Due Assignment 6 will be assigned next week Lab 4 write-up corrected –7 A’s, 1 B and 1 MIA Lab 5 write-up due tomorrow Capstone proposals OVER Due –I have received only two proposals Lab 6 on Oct 22 in N105 –Hands-on Projects 9-1 on Page 392 and 10-1 through 10-5 on Pages Quiz 2 on Oct 24 (Friday) –Chaps 6,7,9 & 10 –Open book, Open notes –20 M/C and 5 essays Discussion on Recovering Graphics Files

Chapter 10 Recovering Graphics Files Guide to Computer Forensics and Investigations Third Edition

Guide to Computer Forensics and Investigations4 Objectives Describe types of graphics file formats Explain types of data compression Explain how to locate and recover graphics files Describe how to identify unknown file formats Explain copyright issues with graphics

Guide to Computer Forensics and Investigations5 Recognizing a Graphics File Contains digital photographs, line art, three- dimensional images, and scanned replicas of printed pictures –Bitmap images: collection of dots –Vector graphics: based on mathematical instructions –Metafile graphics: combination of bitmap and vector Types of programs –Graphics editors –Image viewers

Guide to Computer Forensics and Investigations6 Understanding Bitmap and Raster Images Bitmap images –Grids of individual pixels Raster images –Pixels are stored in rows –Better for printing Image quality –Screen resolution –Software –Number of color bits used per pixel >> determines file’s size

Graphics resolution -> file size Assumes a bitmapped graphics flie that is 200X200 pixels (40,000 pixels) –In black and white (two bits) ~ 10KB (40k/8 *2) –In 16 colors (4 bits) ~ 20KB –In 65,536 colors (16 bits) ~ 80KB –In true color (32 bits) ~1.6MB Guide to Computer Forensics and Investigations7

8 Understanding Vector Graphics Characteristics –Lines instead of dots –Store only the calculations for drawing lines and shapes –Smaller size –Preserve quality when image is enlarged CorelDraw, Adobe Illustrator

Guide to Computer Forensics and Investigations9 Understanding Metafile Graphics Combine raster and vector graphics Example –Scanned photo (bitmap) with text (vector) Share advantages and disadvantages of both types –When enlarged, bitmap part loses quality

Guide to Computer Forensics and Investigations10 Understanding Graphics File Formats Standard bitmap file formats –Graphic Interchange Format (.gif) –Joint Photographic Experts Group (.jpeg,.jpg) –Tagged Image File Format (.tiff,.tif) –Window Bitmap (.bmp) Standard vector file formats –Hewlett Packard Graphics Language (.hpgl) –Autocad (.dxf)

Guide to Computer Forensics and Investigations11 Understanding Graphics File Formats (continued) Nonstandard graphics file formats –Targa (.tga) –Raster Transfer Language (.rtl) –Adobe Photoshop (.psd) and Illustrator (.ai) –Freehand (.fh9) –Scalable Vector Graphics (.svg) –Paintbrush (.pcx) Unknown file formats – – –

Guide to Computer Forensics and Investigations12 Understanding Digital Camera File Formats Witnesses or suspects can create their own digital photos Examining the raw file format –Raw file format Referred to as a digital negative Typically found on many higher-end digital cameras –Sensors in the digital camera simply record pixels on the camera’s memory card –Raw format maintains the best picture quality

Guide to Computer Forensics and Investigations13 Understanding Digital Camera File Formats (continued) Examining the raw file format (continued) –The biggest disadvantage is that it’s proprietary And not all image viewers can display these formats –The process of converting raw picture data to another format is referred to as demosaicing Examining the Exchangeable Image File format –Exchangeable Image File (EXIF) format Commonly used to store digital pictures Developed by JEIDA as a standard for storing metadata in JPEG and TIFF files

Guide to Computer Forensics and Investigations14 Understanding Digital Camera File Formats (continued) Examining the Exchangeable Image File format (continued) –EXIF format collects metadata Investigators can learn more about the type of digital camera and the environment in which pictures were taken –EXIF file stores metadata at the beginning of the file

Guide to Computer Forensics and Investigations15 Understanding Digital Camera File Formats (continued)

Guide to Computer Forensics and Investigations16 Understanding Digital Camera File Formats (continued)

Guide to Computer Forensics and Investigations17 Understanding Digital Camera File Formats (continued)

Guide to Computer Forensics and Investigations18 Understanding Digital Camera File Formats (continued) Examining the Exchangeable Image File format (continued) –With tools such as ProDiscover and Exif Reader You can extract metadata as evidence for your case glish/download.htmlhttp:// glish/download.html

Guide to Computer Forensics and Investigations19

Guide to Computer Forensics and Investigations20 Understanding Data Compression Some image formats compress their data –GIF, JPEG, PNG Others, like BMP, do not compress their data –Use data compression tools for those formats Data compression –Coding of data from a larger to a smaller form –Types Lossless compression and lossy compression

Guide to Computer Forensics and Investigations21 Lossless and Lossy Compression Lossless compression –Reduces file size without removing data –Based on Huffman or Lempel-Ziv-Welch coding For redundant bits of data –Utilities: WinZip, PKZip, StuffIt, and FreeZip Lossy compression –Permanently discards bits of information –Vector quantization (VQ) Determines what data to discard based on vectors in the graphics file –Utility: Lzip

Guide to Computer Forensics and Investigations22 Locating and Recovering Graphics Files Operating system tools –Time consuming –Results are difficult to verify Computer forensics tools –Image headers Compare them with good header samples Use header information to create a baseline analysis –Reconstruct fragmented image files Identify data patterns and modified headers

Guide to Computer Forensics and Investigations23 Identifying Graphics File Fragments Carving or salvaging –Recovering all file fragments Computer forensics tools –Carve from slack and free space –Help identify image files fragments and put them together

Guide to Computer Forensics and Investigations24 Repairing Damage Headers Use good header samples Each image file has a unique file header –JPEG: FF D8 FF E –Most JPEG files also include JFIF string Exercise: –Investigate a possible intellectual property theft by a contract employee of Exotic Mountain Tour Service (EMTS)

Guide to Computer Forensics and Investigations25 Searching for and Carving Data from Unallocated Space

Guide to Computer Forensics and Investigations26 Searching for and Carving Data from Unallocated Space (continued)

Guide to Computer Forensics and Investigations27 Searching for and Carving Data from Unallocated Space (continued) Steps –Planning your examination –Searching for and recovering digital photograph evidence Use ProDiscover to search for and extract (recover) possible evidence of JPEG files False hits are referred to as false positives

Guide to Computer Forensics and Investigations28

Guide to Computer Forensics and Investigations29 Searching for and Carving Data from Unallocated Space (continued)

Guide to Computer Forensics and Investigations30 Searching for and Carving Data from Unallocated Space (continued)

Guide to Computer Forensics and Investigations31 Searching for and Carving Data from Unallocated Space (continued)

Guide to Computer Forensics and Investigations32 Searching for and Carving Data from Unallocated Space (continued)

Guide to Computer Forensics and Investigations33 Searching for and Carving Data from Unallocated Space (continued)

Guide to Computer Forensics and Investigations34 Rebuilding File Headers Try to open the file first and follow steps if you can’t see its content Steps –Recover more pieces of file if needed –Examine file header Compare with a good header sample Manually insert correct hexadecimal values –Test corrected file

Guide to Computer Forensics and Investigations35 Rebuilding File Headers (continued)

Guide to Computer Forensics and Investigations36

Guide to Computer Forensics and Investigations37

Guide to Computer Forensics and Investigations38 Rebuilding File Headers (continued)

Guide to Computer Forensics and Investigations39 Rebuilding File Headers (continued)

Guide to Computer Forensics and Investigations40 Reconstructing File Fragments Locate the starting and ending clusters –For each fragmented group of clusters in the file Steps –Locate and export all clusters of the fragmented file –Determine the starting and ending cluster numbers for each fragmented group of clusters –Copy each fragmented group of clusters in their proper sequence to a recovery file –Rebuild the corrupted file’s header to make it readable in a graphics viewer

Guide to Computer Forensics and Investigations41 Reconstructing File Fragments (continued)

Guide to Computer Forensics and Investigations42 Reconstructing File Fragments (continued)

Guide to Computer Forensics and Investigations43 Reconstructing File Fragments (continued)

Guide to Computer Forensics and Investigations44 Reconstructing File Fragments (continued)

Guide to Computer Forensics and Investigations45 Reconstructing File Fragments (continued) Remember to save the updated recovered data with a.jpg extension Sometimes suspects intentionally corrupt cluster links in a disk’s FAT –Bad clusters appear with a zero value on a disk editor

Guide to Computer Forensics and Investigations46 Reconstructing File Fragments (continued)

Guide to Computer Forensics and Investigations47 Reconstructing File Fragments (continued)

Guide to Computer Forensics and Investigations48 Identifying Unknown File Formats The Internet is the best source –Search engines like Google –Find explanations and viewers Popular Web sites – – –

Guide to Computer Forensics and Investigations49 Analyzing Graphics File Headers Necessary when you find files your tools do not recognize Use hex editor such as Hex Workshop –Record hexadecimal values on header Use good header samples

Guide to Computer Forensics and Investigations50 Analyzing Graphics File Headers (continued)

Guide to Computer Forensics and Investigations51 Analyzing Graphics File Headers (continued)

Guide to Computer Forensics and Investigations52 Tools for Viewing Images Use several viewers –ThumbsPlus –ACDSee –QuickView –IrfanView GUI forensics tools include image viewers –ProDiscover –EnCase –FTK –X-Ways Forensics –iLook

Guide to Computer Forensics and Investigations53 Understanding Steganography in Graphics Files Steganography hides information inside image files –Ancient technique –Can hide only certain amount of information Insertion –Hidden data is not displayed when viewing host file in its associated program You need to analyze the data structure carefully –Example: Web page

Guide to Computer Forensics and Investigations54

Guide to Computer Forensics and Investigations55 Understanding Steganography in Graphics Files (continued)

Guide to Computer Forensics and Investigations56 Understanding Steganography in Graphics Files (continued) Substitution –Replaces bits of the host file with bits of data –Usually change the last two LSBs –Detected with steganalysis tools Usually used with image files –Audio and video options Hard to detect

Guide to Computer Forensics and Investigations57 Understanding Steganography in Graphics Files (continued)

Guide to Computer Forensics and Investigations58 Understanding Steganography in Graphics Files (continued)

Guide to Computer Forensics and Investigations59 Using Steganalysis Tools Detect variations of the graphic image –When applied correctly you cannot detect hidden data in most cases Methods –Compare suspect file to good or bad image versions –Mathematical calculations verify size and palette color –Compare hash values

Guide to Computer Forensics and Investigations60 Identifying Copyright Issues with Graphics Steganography originally incorporated watermarks Copyright laws for Internet are not clear –There is no international copyright law Check

Guide to Computer Forensics and Investigations61 Summary Image types –Bitmap –Vector –Metafile Image quality depends on various factors Image formats –Standard –Nonstandard Digital camera photos are typically in raw and EXIF JPEG formats

Guide to Computer Forensics and Investigations62 Summary (continued) Some image formats compress their data –Lossless compression –Lossy compression Recovering image files –Carving file fragments –Rebuilding image headers Software –Image editors –Image viewers

Guide to Computer Forensics and Investigations63 Summary (continued) Steganography –Hides information inside image files –Forms Insertion Substitution Steganalysis –Finds whether image files hide information

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.