Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

Digital Forensics (stage 2) > topic 11 - forensic analysis of JPEG files > Flashcards

topic 11 - forensic analysis of JPEG files Flashcards

1
Q

what is metadata of exchangeable image file format aka EXIF?

A

camera make and model

camera settings at time picture was taken

gps coordinates for smart phones (e.g. Second gen iPhones).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

what is the forensic value of EXIF?

A

Contains a wealth of information that relates photograph to make and model and possibly owner.

Easily accessible – Windows file explorer.

Downside: Relatively easy to alter or remove.

Often overwritten by

photo-editing software

Transfer process (e.g. Mobile phone, social networking).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

what is the value of DQT to forensics? (Discrete quantisation table)

A

Indicator of make and model.

All JPEG files headers have one (even when Exif metadata has been deliberately removed).

DQT may be overwritten when

Image tampering has taken place (compare with metadata – if still present).

File is transferred – social networking, mobile phone.

In some cases primary DQT may be inferred from the histograms of discrete cosine transformation coefficients even if the image has been compressed twice…

How well did you know this?
1
Not at all
2
3
4
5
Perfectly

Digital Forensics (stage 2) (17 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions