Data Wiping Tool: ByteEditor Technique

Nuraqilah Haidah Ahmad Riduan Cik Feresa Mohd Foozy Isredza Rahmi A Hamid
Faculty of Computer Science and Information Security Interest Group (ISIG) Information Security Interest Group (ISIG)
Information Technology Faculty of Computer Science and Faculty of Computer Science and
University of Tun Hussein Onn Malaysia Information Technology Information Technology
Batu Pahat, Malaysia University of Tun Hussein Onn Malaysia University of Tun Hussein Onn Malaysia
nuraqilahhaidah980204@gmail.com Batu Pahat, Malaysia Batu Pahat, Malaysia
feresa@uthm.edu.my rahmi@uthm.edu.my

Palaniappan Shamala Nur Fadzilah Othman

2021 3rd International Cyber Resilience Conference (CRC) | 978-1-6654-1844-7/20/$31.00 ©2021 IEEE | DOI: 10.1109/CRC50527.2021.9392502

Faculty of Computer and Center for Advanced Computing Technology,

Mathematical SciencesUniversiti Fakulti Teknologi Maklumat dan Komunikasi,
Teknologi MARA Johor Universiti Teknikal Malaysia Melaka,
shamalap@uitm.edu.my fadzilah.othman@utem.edu.my

Abstract—This Wiping Tool is an anti-forensic tool that is
built to wipe data permanently from laptop’s storage. This tool
is capable to ensure the data from being recovered with any
recovery tools. The objective of building this wiping tool is to
maintain the confidentiality and integrity of the data from
unauthorized access. People tend to delete the file in normal
way, however, the file face the risk of being recovered. Hence,
the integrity and confidentiality of the deleted file cannot be
protected. Through wiping tools, the files are overwritten with
random strings to make the files no longer readable. Thus, the
integrity and the confidentiality of the file can be protected.
Regarding wiping tools, nowadays, lots of wiping tools face issue
such as data breach because the wiping tools are unable to delete
the data permanently from the devices. This situation might
affect their main function and a threat to their users. Hence, a
new wiping tool is developed to overcome the problem. A new
wiping tool named Data Wiping tool is applying two wiping
techniques. The first technique is Randomized Data while the
next one is enhancing wiping technique, known as ByteEditor.
ByteEditor is a combination of two different techniques, byte
editing and byte deletion. With the implementation of Object-
Oriented methodology, this wiping tool is built. This
methodology consists of analyzing, designing, implementation
and testing. The tool is analyzed and compared with other
wiping tools before the designing of the tool start. Once the
designing is done, implementation phase take place. The code of
the tool is created using Visual Studio 2010 with C# language
and being tested their functionality to ensure the developed tool
meet the objectives of the project. This tool is believed able to
contribute to the development of wiping tools and able to solve
problems related to other wiping tools.
Keywords—Wiping tool, Randomized data, ByteEditor
I. I NTRODUCTION
Nowadays, people tend to delete documents and files
directly without knowing the facts that those deleted
documents and files were not really deleted from computers’
storage. Hence, there is a chance that someone may recovered
those valuable data to gain them illegally. Thus, data wiping
is used to ensure those documents and files are deleted
permanently.
The main problem addressed in this paper is how to
maintain the confidentiality and integrity of deleted data
Wiping tool main function is to delete the data permanently
from computers’ storage and make the data unreadable.
However, there is few problems related to existing wiping
tools. For example, an experiment has been conducted by
Olvecky and Gabriska in 2018 to one of wiping tool that
applying Gutmann Method to wipe out data on the hard disk.
The results shows that the drive cannot erase the data 100%
certainty. In short, from 200GB data is wipe out, there is still
erased traces of 101KB [1]. The result of the experiment
shows that wiping tools face to the issues that their capability
to totally wiping out the data is still questionable.
The rest of the paper is organized as follows: Section II
describes the literature review. Section III presents the
methodology used in developing the tool. The profiles
constructed are then used to train the classifier algorithm.
Section IV describes the Unified Modeling Language (UML)
diagrams, database diagrams and interfaces diagrams. Section
V consists of the implementation of system and system
functional testing. Section VI consists of the summary of the
whole project.
II. LITERATURE REVIEW
A. Data Wiping
Wiping is an act of erasing memory or data from device’s
storage by overwriting the memory or data with some
characters either like null characters or randomized characters
[2] and [1]. The act of wiping files consists of destroying and
hiding data. However, the safest way to corrupt the data is
through sanitization methods like data wiping and physical
destruction onto hard disk drive (HDD) of the devices [3].
Data wiping, also referred as data erasure, data sanitization,
data clearing and data destruction is a process of destruction
of data so the data will be no longer can be recovered and
readable again. Once the process of data wiping is done, it
become impossible to recover the previous existing data as the
links to memory of the data is already being deleted and the
content of the memory also being replace with some new
character value [2].
B. Artefact Wiping
Artefact wiping is the act of removing metadata of a file
[4] and [5]. Metadata are the information that describes other
information of a file [4] and [5]. For example, the metadata of
file consists of size of file, location and date modified and
accessed of selected file. Although artefact wiping will leaves
traces, those traces cannot be recovered as the purpose of
wiping is to intentionally corrupting the data to be unreadable
[6].

978-1-6654-1844-7/21/$31.00 ©2021 IEEE

Authorized licensed use limited to: Vilnius Gediminas Technical University. Downloaded on January 09,2022 at 12:19:38 UTC from IEEE Xplore. Restrictions apply.
C. Randomized Data Wiping Technique Object-Oriented Implementing (OOI), Object-Oriented
Randomized data wipe is a wiping technique that forming Testing (OOT) and Object-Oriented Maintenance [14]. The
a pattern of wiping, consist of 0 and 1 bits[7]. It is a whole process of OOM can be summarize as below:
sanitization technique that overwrite the data with string of i. Object-Oriented Analysis (OOA): Defining the
random data that is totally unrelated to the original data[8]. scope and module of the project and listing out the
The number of passing of randomized data is only once which functional and non-functional requirements in
is much simpler than other advance sanitization techniques but developing the system.
more complex that zero wipe [9]. This is because, random data
ii. Object-Oriented Design (OOD): Designing the
wipe will overwrite the original data with 0 and 1 bit of data
in a random ways. Hence, a specific recovering tool is require logical plan of the systems including Unified
to recover data that is overwrite with randomized data[7]. Modeling Language (UML) diagrams, databases
diagrams and user interfaces.
For Data Wiping Tool, randomized data is implemented
iii. Object-Oriented Implementing (OOI): Start
with the concept of changing the buffer size value of the file
at the same time. Thus, even though the data is wipe, the total developing the system using selected
buffer size of the whole file is still unknown as the buffer size programming language, C# using Visual Studio
of the file is change 2017 and build databases using Microsoft Access.
iv. Object-Oriented Testing (OOT): Get 10 volunteers
D. ByteEditor Wiping Technique
to try the system and rate system’s functionality
ByteEditor wiping is enhance wiping technique from and usability in the form provided.
combination of two different techniques, byte editing and byte
deletion. Byte editing is the art of hiding secret data in a file B. Wiping Tool Framework
through modification of byte. Just like steganography, byte
Figure 1 shows the framework of the wiping tool.
editing allows binary data to be hidden in other binary data
and can be implemented in MS Office word documents[4].
However, for Data Wiping Tool project, we use byte editing
method to modify the originality of the file. Hence, although
the file still readable, the file is no longer valid as the
originality of the file is disrupted [10]. Moreover, byte editing
is a technique that allow user to change of data through byte
value. This technique require user to understand American
Standard Code for Information Intelligence (ASCII) code. The
benefits of this technique is only one byte editing is require to
change data that has same byte value simultaneously. These
characters consists of 256 characters, starting from 0 to 255
characters. Once the byte is selected, the value of selected byte
will converted to other byte value that have been state by the
user through this wiping tool.
Next, byte deletion is a technique that is used to delete
byte. Once a byte is deleted, the data cannot be recovered in
normal way as the byte is permanently remove from the file’s
data [11]. Losing a certain amount of byte will ensure the file
to no longer available and require specific data carving
Fig. 1 Framework of proposed wiping tool.
technique to fix the file [12]. The byte deletion technique can
be classified as delete block method as the data can be
Figure 1 shows the framework of Data Wiping Tool. The
classified as sensitive or insensitive [13]. Then, the block that framework consists of two stages. The first stage is where user
contains sensitive data will be deleted to maintain their
select a file that will be wiped from laptop’s storage. Second
confidentiality. Once the blocks of data are marked as unused,
stage consists of two processes of secure wipe, Randomized
new data will allocate in the free space of the hard drive [13]. data wipe and ByteEditor wipe. The contribution of this tool
The combination of these two techniques can overwrite is it enhance wiping technique, ByteEditor. ByteEditor
and corrupting the data as byte editing technique is implement implement byte editing (hex editing) and byte deletion
to disrupt the originality of the file while byte deletion will techniques. Byte editing is where the byte value is edited to
corrupt the file to be no longer readable. Hence, ByteEditor is new value while byte deletion is when some byte is being
relevant to be implemented into the proposed tool, Data deleted from selected file. Hence, the contribution of this
Wiping Tool. wiping tool is ByteEditor technique.

III. METHODOLOGY IV. SYSTEM ANALYSIS AND DESIGN

A. Object-Oriented Methodology (OOM)
Object-Oriented Methodology (OOM) of Data Wiping
Tool consist of five phases. Those phases are Object-Oriented
Methodology (OOM) consists of five main stages, Object-
Oriented Analysis (OOA), Object-Oriented Design (OOD),
System analysis and design consist of Unified Modeling
Language (UML) diagrams, class diagram and Entity
Relationship Diagram (ERD). The UML diagrams consists of
use-case diagram, sequence diagram, activity diagram and
system architecture.

Authorized licensed use limited to: Vilnius Gediminas Technical University. Downloaded on January 09,2022 at 12:19:38 UTC from IEEE Xplore. Restrictions apply.
A. Use-Case Diagram
Figure 2 shows the use-case diagram of Data Wiping Tool.
Fig. 2 Use-case diagram of Data Wiping Tool.
Based on Figure 2 above, user of this wiping tool is
allowed to do several activities which are ‘Choose File’,
‘Choose Folder’, ‘Wipe Folder’, ‘Wipe File’ and ‘Wipe
Folder’.
B. Sequence Diagram
Figure 2 shows the sequence diagram of Data Wiping
Tool.
Fig. 3 Use-case diagram of Data Wiping Tool.
Based on Figure 3 once the program is run, user will
direct to the main page where all tool’s features located. The
features that exist in the tool are ‘Choose File’, ‘Choose
Folder’, ‘Wipe File and ‘Wipe Folder’. User can choose a file
or a folder and implement the features provided by the tool,
file and folder wiping, and by follows the sequence stated
according on Figure 3. Once all processes are done, user is
redirect to the main page.
C. Activity Diagram
Figure 4 shows the activity diagram of Data Wiping Tool.
Authorized licensed use limited to: Vilnius Gediminas Technical University. Downloaded on January 09,2022 at 12:19:38 UTC from IEEE Xplore. Restrictions apply.
Fig. 4 Activity diagram of Data Wiping Tool.
Based on Figure 4, the program of the tool starts when the
user is directed to the main page of Data Wiping Tool. All
features are shown in the main page. The user can start by
selecting a file or a folder. There are two type of file can be
selected, Words and Excel file. The contents of selected file
or folder will be shown on the screen. Next, the user can
implement the next step, file and folder wiping. There are two
options of wiping techniques, wiping folder’s path and for file
wiping, there are two options. Those options are Randomized
Data wiping and ByteEditor. After the wiping is done, user
can either close the program or directed to the main page and
perform another file or folder wiping.
D. System Architecture
Figure 5 shows the system architecture of Data Wiping
Tool. Based on Figure 4 above, the system start with user will
be directed to the homepage of tool. Then, user is directed to
the main page. In the main page, user is required to choose a
file or a folder from laptop’s storage. Next, user will need to
either choose to wipe file or folder path or performing
overwrite either with Randomized Data or ByteEditor
techniques. These actions will ensure the data is securely
deleted from laptop’s storage. After the file is overwrite, the
user will have to delete the file from the laptop’s storage. Once
the process of file and folder wiping and file and folder
deletion is done, close the program or redirect back to main
page of the system.
 Fig. 7 Main page interface of Data Wiping Tool.
Fig. 5 System architecture of Data Wiping Tool.
TABLE I. DESCRIPTIONS OF MAIN P AGE INTERFACE OF DATA
E. Class Diagram WIPING TOOL.
Class diagram is static structure diagram that describes
system’s structure by showing the system’s classes that No. Type Name Function
present in the system with their attributes and operations. It 1 Button Choose Folder To choose folder
also shows the relationship between each class through class Choose File from folder browser
diagram. Figure 6 shows the class diagram of Data Wiping Wipe Folder To choose file from
Tool. Wipe File file browser
To To wipe folder’s
HOMEPAGE path
User Manual To wipe file, either
through randomized
data or ByteEditor
To direct user to
homepage interface
To direct user to user
manual interface
2 Textbox Folder’s path To show folder’s
Folder’s name path
File’s path To show folder’s
File’s name name
To show file’s path
To show file’s name
3 Label Folder path Label for folder’s
Folder name path textbox
File path Label for folder’s
File name name textbox
Fig. 6 Class diagram of Data Wiping Tool. Label for file’s path
textbox
Figure 6 shows the class diagram of Data Wiping Tool. Label for file’s name
Data Wiping Tool consists of three different classes which are textbox
User, File and Status. Through Figure 6, it can be sure that 4 Combo Combo box for For user to select
User is the superclass as the other two classes, File and Status box Excel’s file sheet from selected
are inherit from it. Hence, the other two classes are known as sheet Excel workbook
subclasses. There are several of operations that are conducted 5 List box Folder list To show folder’s
in the system such as folder and file selection, folder and file
contents in list form
wiping and file deletion. The Set () is use to get the inputs from
the user while Get() is used to display information to the user. 6 Rich File contents To show file
textbox contents (Word file)
V. RESULT AND DISCUSSION 7 Data grid Excel file To show file
view contents (Excel file)
A. System Interface (Mainpage Interface)
Figure 7 shows the main interface of Data Wiping Tool.
This interface is the most crucial part in developing Data
Wiping Tool as it carries main functions of data wiping. The
description of each buttons and boxes in this interface can be
described in Figure 7 and Table 1 below.

Authorized licensed use limited to: Vilnius Gediminas Technical University. Downloaded on January 09,2022 at 12:19:38 UTC from IEEE Xplore. Restrictions apply.
 The explanation of each functions in Data Wiping Tool techniques. Figure 9 and 10 show the code
can be shown as below: segment of ByteEditor wipe.
i. Folder Browser Dialog
Folder browser dialog is implemented to allow
user to browse folder in laptop’s storage through
folder browser.

ii. File Browser Dialog

Open file dialog is implemented to allow user to
browse file, either in Word format or Excel format
in laptop’s storage through file browser.

iii. Folder Wiping

Open file dialog is a method to wipe folder’s path
from laptop’s storage so the folder will no longer
be found. Folder wiping will wipe the path that
connect user directly with the folder.
iv. File Wiping (Randomized Data)
Open file dialog is a function that is implemented
to wipe folder with random data. Randomized data
wipe ensures the data of selected file is overwrite
with unrelated data, known as random data. This
tool will also change the buffer size of the file to
0KB, so the confidential of the data can be
maintain.
Figure 8 shows the code segment of randomized
data wipe. The code segment in Figure 8 will read
the file’s size and all the bytes are then overwritten
randomly with other 256 characters, starting from
0 to 255 characters. Then, the file size will change
to 0KB. The characters in the file are no longer
readable for user to protect the confidentiality and
integrity of the file.
Fig 9. Code segment of byte editing technique in ByteEditor.
Figure 9 shows the code segment of byte editing technique
in ByteEditor. This code segment allow user to state which
byte that user want to edit and to edit the byte with other byte
value. The byte values are in America Standard Code for
Information Intelligence (ASCII) characters. These
characters consist of 256 characters, starting from 0 to 255
characters. Once the byte is selected, the value of selected
byte will be converted to other byte value that have been state
by the user through the tool.
Fig 10. Code segment of byte deletion technique in ByteEditor.
Figure 10 shows shows the code segment for byte deletion
technique in ByteEditor. User will state how much byte that
need to be deleted from the file through ByteEditor interface.
The code is first read the file’s size before delete the byte size
through this formula:

Read byte size – Bytes to be deleted = The new byte size (1)

Through formula (1), the original byte size will change to

the new byte size. Once the original byte size is change, the
file will no longer readable by user. Hence, the confidentiality
and integrity of the file is protected.
B. Discussion
Based on the Data Wiping Tool above, there are several
advantages and disadvantages that can be found. The
advantages of this tool are:
Fig 8. Code segment of file wiping using Randomized Data technique.
i. Users can securely delete their unwanted conditional
documents from laptop’s storage.
v. File Wiping (ByteEditor Technique)
ii. The conditionality and integrity of the documents
File wiping that is implemented ByteEditor is a
can be maintained even after the documents are
new technique that is propose specially for this deleted.
tool. ByteEditor is a combination of two different
techniques which are byte editing and byte erase

Authorized licensed use limited to: Vilnius Gediminas Technical University. Downloaded on January 09,2022 at 12:19:38 UTC from IEEE Xplore. Restrictions apply.
iii. A new method is needed to recover documents that
are being wipe using ByteEditor as this technique is
a new wiping technique.
iv. A secure environment in wiping documents could be
achieve.
v. There is no audit trail implemented in the tool to
maintain confidentiality of users and documents.
vi. This tool is an offline tool. The risk of documents
being stole through the internet can be minimize.
However, there are also some disadvantages found in this tool.
Those disadvantages are:
i. The tool cannot be updated since it is an offline tool.
ii. Advance threat may recover the wiped documents as
the tool cannot be updated.
Through those disadvantages found in this tool, these are
recommendations that can enhance this tool in the future:
i. The proposed method, ByteEditor can be upgraded
to random data selection and make the tool is more
user-friendly.
ii. The sign-up module and audit trail should be added
so the wipe documents can be recorded to prevent
unauthorized access.
iii. This tool should support internet access so the tool
can be updated from time to time.
VI. CONCLUSION
Nowadays, many wiping tools is promoted in the market.
However, there are some wiping tools that face issue of data
breaches and data leakages. Data Wiping Tool is developed to
provide enhance wiping technique, which is ByteEditor that
may can enhance the security of the data. Through Data
Wiping Tool, the confidentiality and integrity of the data can
be protected. Moreover, this tool is developed specialize for
personal laptop users or companies that implement Bring
Your Own Device (BYOD) as the tool is flexible to be used
in mobile devices, especially laptop. During the development
of this wiping tool, there are few advantages and
disadvantages found from this tool. A perfect tool cannot be
achieved because technologies are changing every day.
Hence, there is always new improvement is proposed every
day. The recommendations and suggestion give a chance for
a developed tool to be upgraded and widening the area of data
wiping. This developed tool can achieve its own objectives
and considered as success.
Authorized licensed use limited to: Vilnius Gediminas Technical University. Downloaded on January 09,2022 at 12:19:38 UTC from IEEE Xplore. Restrictions apply.
ACKNOWLEDGMENT
The authors would like to thank the Ministry Of Higher
Education for supporting this research under Fundamental
Research Grant Scheme Vot No. FRGS/1/2018/
ICT04/UTHM/03/4 and partially sponsored by Universiti Tun
Hussein Onn Malaysia.
REFERENCES
[1] M. Olvecky and D. Gabriska, “Wiping Techniques and Anti-Forensics
Methods,” in 2018 IEEE 16th International Symposium on Intelligent
Systems and Informatics (SISY), 2018, pp. 000127–000132.
[2] Dr. Ajeet Singh Poonia, “Data Wiping and Anti Forensic Techniques,”
2014.
[3] G. F. Hughes, T. Coughlin, and D. M. Commins, “Disposal of Disk and
Tape Data by Secure Sanitization,” IEEE Secur. Priv. Mag., vol. 7, no.
4, pp. 29–34, Jul. 2009.
[4] K. Hausknecht and S. Gruicic, “Anti-computer forensics,” in 2017 40th
International Convention on Information and Communication
Technology, Electronics and Microelectronics (MIPRO), 2017, pp.
1233–1240.
[5] K. Conlan, I. Baggili, and F. Breitinger, “Anti-forensics: Furthering
digital forensic science through a new extended, granular taxonomy,”
in DFRWS 2016 USA - Proceedings of the 16th Annual USA Digital
Forensics Research Conference, 2016, pp. S66–S75.
[6] N. Panwar, “Anti Forensics Analysis of File Wiping Tools,” 2016.
[7] B. A. George Pecherle, Cornelia Győrödi, Robert Győrödi, “Data
Wiping System with Fully Automated, Hidden and Remote Destruction
Capabilities,” 2010.
[8] D.Edgar, “Data Sanitization Techniques A Net 2000 Ltd. White
Paper,” 2000.
[9] M. F. B. M. Fuad, “KeyShred: Archive Files Sanitization using Crypto
Key Deletion,” Universiti Tun Hussein Onn Malaysia, 2018.
[10] V. H. Mahale, M. M. H. Ali, P. L. Yannawar, and A. T. Gaikwad,
“Image Inconsistency Detection Using Local Binary Pattern (LBP),” in
Procedia Computer Science, 2017, vol. 115, pp. 501–508.
[11] Z. Katamara, “Taxonomy for Anti-Forensics Techniques &
Countermeasures.”
[12] T. K. Yves Vandermeer, Nhien-An Le-Khac, Joe Carthy, “Forensic
Analysis of the exFAT artefacts,” 2018. [Online]. Available:
https://www.researchgate.net/publication/324744750_Forensic_Analy
sis_of_the_exFAT_artefacts. [Accessed: 31-May-2020].
[13] P. Tiwari, C. S. Skanda, U. Sanjana, S. Aruna, and P. Honnavalli,
“Secure Wipe Out in BYOD Environment,” 2020, pp. 109–114.
[14] E. Colbert and E., “The object-oriented software development method:
a practical approach to object-oriented development,” in Proceedings
of the conference on Tri-Ada ’89 Ada technology in context:
application, development, and deployment - TRI-Ada ’89, 1989, pp.
400–415.