Summary

  • A data stream, often called a file stream, is a sequence of data associated with a file.
  • These streams are a feature of the NTFS file system that allows for the storage of additional data within a file without changing its size, and are often used by attackers to store stealth malware.
  • Understanding and detecting Alternate Data Streams (ADS) is crucial for cyber security professionals.
  • NTFS files have two data streams; $DATA, the latter of which is the main data stream for a file.
  • Any data streams within a file other than $DATA are considered alternate data streams.
  • These are created with a colon followed by the stream name, such as :StreamName.
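
The points above, as an added PowerShell example that is not part of the original article: it writes a named stream to a scratch file, shows that the file's reported size does not change, and lists every stream other than $DATA under a directory. The function name Find-AlternateDataStream, the ads-demo directory and report.txt are hypothetical names chosen for the demonstration; it assumes Windows PowerShell 3.0 or later on an NTFS volume.

```powershell
# Added example: enumerate alternate data streams on files under a directory.
# Find-AlternateDataStream is a hypothetical helper name, not a built-in cmdlet.
function Find-AlternateDataStream {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$Path
    )
    # Only files are inspected here; directories are skipped by -File.
    Get-ChildItem -LiteralPath $Path -File -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            # -Stream * returns every stream; the main one is reported as ':$DATA'.
            Get-Item -LiteralPath $file.FullName -Stream * -ErrorAction SilentlyContinue |
                Where-Object { $_.Stream -ne ':$DATA' } |
                ForEach-Object {
                    [pscustomobject]@{
                        File        = $file.FullName
                        Stream      = $_.Stream
                        StreamBytes = $_.Length   # size of the alternate stream
                        FileBytes   = $file.Length # size of the main stream only
                    }
                }
        }
}

# Constructed demo: a scratch directory with one file carrying an extra stream.
$dir  = Join-Path $env:TEMP 'ads-demo'   # hypothetical scratch location
New-Item -ItemType Directory -Path $dir -Force | Out-Null
$file = Join-Path $dir 'report.txt'
Set-Content -LiteralPath $file -Value 'visible content'
$before = (Get-Item -LiteralPath $file).Length

# Same as addressing the path report.txt:StreamName
Set-Content -LiteralPath $file -Stream 'StreamName' -Value 'data kept outside the main stream'
$after = (Get-Item -LiteralPath $file).Length

"Main stream size before/after: $before / $after bytes"
Find-AlternateDataStream -Path $dir | Format-Table -AutoSize

# Clean up the scratch directory.
Remove-Item -LiteralPath $dir -Recurse -Force
```

On a real system the listing also includes benign streams such as Zone.Identifier, which Windows attaches to downloaded files, so review results by stream name and size rather than treating every hit as malicious.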

By Samxia99
