Name
Abstract | ||
|---|---|---|
A key task in digital forensic analysis is the location of relevant information within the computer system. Identification of the relevancy of data is often dependent upon the identification of the type of data being examined. Typical file type identification is based upon file extension or magic keys. These typical techniques fail in many typical forensic analysis scenarios such as needing to deal with embedded data, such as with Microsoft Word files, or file fragments. The SÁDI (Statistical Analysis Data Identification) technique applies statistical analysis of the byte values of the data in such a way that the accuracy of the technique does not rely on the potentially misleading metadata information but rather the values of the data itself. The development of SÁDI provides the capability to identify what digitally stored data actually represents and will also allow for the selective extraction of portions of the data for additional investigation; i.e., in the case of embedded data. Thus, our research provides a more effective type identification technique that does not fail on file fragments, embedded data types, or with obfuscated data. |
Year | DOI | Venue |
|---|---|---|
2008 | 10.1109/SADFE.2008.13 | SADFE |
Keywords | Field | DocType |
embedded data,statistical analysis,file extension,effective type identification technique,typical file type identification,digital forensic analysis,microsoft word file,obfuscated data,file fragment,embedded data type,data type identification,information analysis,computer forensics,failure analysis,data type,data structures,data engineering,data mining,operating systems,system identification,digital forensics,operating system,information retrieval,criminal law,data hiding,computer science | File format,Data mining,Data structure,Metadata,Key Sequenced Data Set,Digital forensics,Computer science,Data type,Data file,Word processing | Conference |
Citations | PageRank | References |
22 | 1.74 | 5 |
Authors | ||
2 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Sarah J. Moody | 1 | 27 | 2.20 |
| Robert F. Erbacher | 2 | 202 | 27.65 |