Chapter 8 Recovering Graphics Files

Slides:



Advertisements
Similar presentations
Raster Graphics 2.01 Investigate graphic image design.
Advertisements

Introduction to Computer Graphics Raster Vs. Vector COMMUNICATION TECHNOLOGY.
Chapter 10 Recovering Graphics Files
Chapter 8 Recovering Graphics Files
Multimedia for the Web: Creating Digital Excitement Multimedia Element -- Graphics.
Graphics CS 121 Concepts of Computing II. What is a graphic? n A rectangular image. n Stored in a file of its own, or … … embedded in another data file.
COS/PSA 413 Day 18. Agenda Lab 9 write-up grades –2 A’s, 1 B, 1 D and 1 F –Answer the questions with a minimal amount of BS –I will start taking off points.
Image Processing, Illustration (Drawing), Paint Programs, and Scanning Dr. Warren C. Weber Cal Poly Pomona.
Chapter 10 Recovering Graphics Files Guide to Computer Forensics and Investigations Third Edition.
2.01 Understand Digital Raster Graphics
COS 413 Day 15. Agenda Assignment 4 corrected –2 A’s, 5 B’s, 1 C and 1 non-submit Assignment 5 Due Assignment 6 will be assigned next week Lab 4 write-up.
Image and Sound Editing Raed S. Rasheed Image Image. Digital image. – Raster images. – Vector Images. – Stereo Images. – Image File Formats Lossless.
File Formats By Jack Turner. Raster (Bitmap) Raster or bitmap is a dot matrix data structure, containing columns of dots and rows, of a graphics image.
Introduction to Computer Graphics Raster Vs. Vector TGJ 2OI St. Christopher C.S.S. 4 Introduction to Computer Graphics.ppt.
SAK INTRODUCTION TO COMPUTER FORENSICS Chapter 7 Image Files Forensics
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #12 Computer Forensics Analysis/Validation and Recovering Graphic.
Zinnia Bell. RAWimages are image files that have not yet processed, they contain minimally processed data from the image sensor of either a image scanner,
Photographics 10 Introduction to Digital Photography
Prepared by George Holt Digital Photography BITMAP GRAPHIC ESSENTIALS.
File Formats COM 366 Web Design & Layout. Native file format –Format native to software program –.psd > PhotoShop default Preserves layers –Use “Save.
Chapter 10 Recovering Graphics Files Guide to Computer Forensics and Investigations Third Edition.
Module Code: CU0001NI Technical Information on Digital Images Week -2.
Presentation Design: Graphics. More About Color “Bit depth” of colors -- This is based on the smallest unit of information that a computer understands.
8 Using Web Graphics Section 8.1 Identify types of graphics Identify and compare graphic formats Describe compression schemes Section 8.2 Identify image.
Guide to Computer Forensics and Investigations, Second Edition Chapter 11 Recovering Image Files.
File Formats Different applications (programs) store data in different formats. Applications support some file formats and not others. Open…, Save…, Save.
Photoshop Photoshop works with bitmapped, digitized images (that is, continuous-tone images that have been converted into a series of small squares, or.
2D Graphics Theory & Principles. Single Point Smallest addressable area on screen or digital image.
Chapter 2 File Format Objectives (1 of 2) Identify the difference between vector based graphics and bitmap-based graphics Clarify bitmap and vector graphic.
Unit 1: Task 1 By Abbie Llewellyn. Vector Graphic Software (Corel Draw) Computer graphics can be classified into two different categories: raster graphics.
Chapter 2 File Format Objectives (1 of 2) Identify the difference between vector based graphics and bitmap-based graphics Clarify 3 types of vector programs.
Digital Imaging 101 Ann Ware
Chapter 3 Image Files © 2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,
Raster Graphics 2.01 Investigate graphic image design.
Image File Formats. What is an Image File Format? Image file formats are standard way of organizing and storing of image files. Image files are composed.
Graphics Concepts Presentation
Introduction to Images & Graphics JMA260. Objectives Images introduction Photoshop.
21 st Century Technology. Painting Uses Pixels Quality of image Changes Drawing Uses Vectors or Lines Quality of Image Does NOT Change.
Chapter 1 Definitions & Basics of Digital Image 1.Image 2.Digital Image 3.Raster 4. Vector 5.Image Editing 1.
Software Design and Development Storing Data Part 2 Text, sound and video Computing Science.
Bitmap vs. Vector How computers work with photographs and drawings.
Section 8.1 Section 8.2 Create a custom theme Design a color scheme
2.01 Understand Digital Raster Graphics
File Formats Different applications (programs) store data in different formats. Applications support some file formats and not others. Open…, Save…, Save.
2.01 Understand Digital Raster Graphics
Chapter 3 Image Files © 2013 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website,
4 Importing Graphics Desktop Publishing: Chapter 4
2.01 Understand Digital Raster Graphics
Introduction to raster graphics
Image Formats.
2.01 Investigate graphic image design.
Graphics Basics Ellen Eyth.
Chapter 3 Image Files © 2017 Cengage Learning®. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.
"Digital Media Primer" Yue-Ling Wong, Copyright (c)2013 by Pearson Education, Inc. All rights reserved.
A computer display is made up of small squares, called pixels.
Digital Images.
1.01 Investigate graphic types and file formats.
Graphics Basic Concepts.
2.01 Investigate graphic image design.
2.01 Understand Digital Raster Graphics
Chapter 10 Recovering Graphics Files
Terms 1 Terms 2 Terms 3 Terms 4 Terms 5 1pt 1 pt 1 pt 1pt 1 pt 2 pt
2.01 Investigate graphic image design.
2.01 Understand Digital Raster Graphics
2.01 Investigate graphic image design.
Building an Online Store
"Digital Media Primer" Yue-Ling Wong, Copyright (c)2013 by Pearson Education, Inc. All rights reserved.
2.01 Investigate graphic image design.
1 Guide to Computer Forensics and Investigations Sixth Edition Chapter 8 Recovering Graphics Files.
Presentation transcript:

Chapter 8 Recovering Graphics Files Guide to Computer Forensics and Investigations Fifth Edition Chapter 8 Recovering Graphics Files All slides copyright Cengage Learning with additional info from G.M. Santoro

Recognizing a Graphics File Graphic files contain digital photographs, line art, three-dimensional images, and scanned replicas of printed pictures Bitmap images: collection of dots Vector graphics: based on mathematical instructions Metafile graphics: combination of bitmap and vector Types of programs Graphics editors Image viewers Guide to Computer Forensics and Investigations, Fifth Edition

Understanding Bitmap and Raster Images Bitmap images Grids of individual pixels Raster images - also collections of pixels Pixels are stored in rows Better for printing Image quality Screen resolution - determines amount of detail Software contributes to image quality (drivers) Number of color bits used per pixel Bitmap and raster graphics began with early PCs and had extremely low resolution and limited color. Guide to Computer Forensics and Investigations, Fifth Edition

Understanding Vector Graphics Characteristics of vector graphics Uses lines instead of dots Store only the calculations for drawing lines and shapes Smaller than bitmap files Preserve quality when image is enlarged CorelDraw, Adobe Illustrator Early computer graphics were primarily vector graphics, where algorithms were used to move a point on a display/plotter or to define shapes. Any shapes created became objects that could easily be manipulated Guide to Computer Forensics and Investigations, Fifth Edition

Understanding Metafile Graphics Metafile graphics combine raster and vector graphics Example Scanned photo (bitmap) with text (vector) Share advantages and disadvantages of both types When enlarged, bitmap part loses quality Guide to Computer Forensics and Investigations, Fifth Edition

Understanding Graphics File Formats Standard bitmap file formats Portable Network Graphic (.png) Graphic Interchange Format (.gif) Joint Photographic Experts Group (.jpeg, .jpg) Tagged Image File Format (.tiff, .tif) Window Bitmap (.bmp) Standard vector file formats Hewlett Packard Graphics Language (.hpgl) Autocad (.dxf) Guide to Computer Forensics and Investigations, Fifth Edition

Understanding Graphics File Formats Nonstandard graphics file formats Targa (.tga) Raster Transfer Language (.rtl) Adobe Photoshop (.psd) and Illustrator (.ai) Freehand (.fh9) Scalable Vector Graphics (.svg) Paintbrush (.pcx) Search the Web for software to manipulate unknown image formats https://en.wikipedia.org/wiki/Image_file_formats Guide to Computer Forensics and Investigations, Fifth Edition

Understanding Digital Camera File Formats Witnesses or suspects can create their own digital photos Examining the raw file format Raw file format Referred to as a digital negative Typically found on many higher-end digital cameras Sensors in the digital camera simply record pixels on the camera’s memory card Raw format maintains the best picture quality Guide to Computer Forensics and Investigations, Fifth Edition

Understanding Digital Camera File Formats Examining the raw file format (cont’d) The biggest disadvantage is that it’s proprietary And not all image viewers can display these formats The process of converting raw picture data to another format is referred to as demosaicing Examining the Exchangeable Image File format Exchangeable Image File (Exif) format Commonly used to store digital pictures Developed by JEITA as a standard for storing metadata in JPEG and TIF files Guide to Computer Forensics and Investigations, Fifth Edition

Understanding Digital Camera File Formats Examining the Exchangeable Image File format (cont’d) Exif format collects metadata Investigators can learn more about the type of digital camera and the environment in which pictures were taken Viewing an Exif JPEG file’s metadata requires special programs Exif Reader, IrfanView, or ProDiscover Exif file stores metadata at the beginning of the file Guide to Computer Forensics and Investigations, Fifth Edition

Understanding Digital Camera File Formats Examining the Exchangeable Image File format (cont’d) With tools such as ProDiscover and Exif Reader You can extract metadata as evidence for your case Guide to Computer Forensics and Investigations, Fifth Edition

Understanding Data Compression Some image formats compress their data GIF and JPEG Others, like BMP, do not compress their data Use data compression tools for those formats to save space Data compression Coding data from a larger to a smaller form Types Lossless compression and lossy compression GIF employs lossless compression, JPEG employs lossy compression Guide to Computer Forensics and Investigations, Fifth Edition

Lossless and Lossy Compression Lossless compression Reduces file size without removing data Based on Huffman or Lempel-Ziv-Welch coding For redundant bits of data Utilities: WinZip, PKZip, StuffIt, and FreeZip Lossy compression Permanently discards bits of information Vector quantization (VQ) Determines what data to discard based on vectors in the graphics file Utility: Lzip Depending on purpose, lossless compression is often most desirable – for example, child pornography images may still be very recognizable even with some compression – whereas data hidden or coded into an image file may be lost or corrupted Use judgment when deciding if/when to apply compression Guide to Computer Forensics and Investigations, Fifth Edition

Locating and Recovering Graphics Files Operating system tools Time consuming Results are difficult to verify Digital forensics tools Image headers Compare them with good header samples Use header information to create a baseline analysis Reconstruct fragmented image files Identify data patterns and modified headers Guide to Computer Forensics and Investigations, Fifth Edition

Identifying Graphics File Fragments Carving or salvaging Recovering any type of file fragments Digital forensics tools Can carve from file slack and free space Help identify image files fragments and put them together Guide to Computer Forensics and Investigations, Fifth Edition

Repairing Damaged Headers When examining recovered fragments from files in slack or free space You might find data that appears to be a header If header data is partially overwritten, you must reconstruct the header to make it readable By comparing the hexadecimal values of known graphics file formats with the pattern of the file header you found Guide to Computer Forensics and Investigations, Fifth Edition

Repairing Damaged Headers Each graphics file has a unique header value Example: A JPEG file has the hexadecimal header value FFD8, followed by the label JFIF for a standard JPEG or Exif file at offset 6 A list of file signatures (header values) may be found at: https://en.wikipedia.org/wiki/List_of_file_signatures Guide to Computer Forensics and Investigations, Fifth Edition

Rebuilding File Headers Before attempting to edit a recovered graphics file Try to open the file with an image viewer first If the image isn’t displayed, you have to inspect and correct the header values manually Steps Recover more pieces of file if needed Examine file header Compare with a good header sample Manually insert correct hexadecimal values Test corrected file Guide to Computer Forensics and Investigations, Fifth Edition

Reconstructing File Fragments Locate the noncontiguous clusters that make up a deleted file Steps Locate and export all clusters of the fragmented file Determine the starting and ending cluster numbers for each fragmented group of clusters Copy each fragmented group of clusters in their correct sequence to a recovery file Rebuild the file’s header to make it readable in a graphics viewer Guide to Computer Forensics and Investigations, Fifth Edition

Identifying Unknown File Formats Knowing the purpose of each format and how it stores data is part of the investigation process The Internet is the best source Search engines like Google Find explanations and viewers Popular Web sites www.fileformat.info/format/all.htm http://extension.informer.com Guide to Computer Forensics and Investigations, Fifth Edition

Analyzing Graphics File Headers Necessary when you find files your tools do not recognize Use a hexadecimal editor such as WinHex Record hexadecimal values in the header and use them to define a file type Example: XIF file format is old, little information is available The first 3 bytes of an XIF file are the same as a TIF file Build your own header search string Guide to Computer Forensics and Investigations, Fifth Edition

Tools for Viewing Images After recovering a graphics file Use an image viewer to open and view it No one viewer program can read every file format Having many different viewer programs is best Most GUI forensics tools include image viewers that display common image formats Be sure to analyze, identify, and inspect every unknown file on a drive Guide to Computer Forensics and Investigations, Fifth Edition

This concludes the lecture for Topic 8

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.