Paper Info
Title
Computer forensic problem of sample size in file type analysis.
Abstract
File type identification (FTI) is the problem of determining the file type from its content. FTI, as a computer forensic challenge, has been studied extensively with many solutions provided by researchers. One of the most popular methodologies to do so is the mathematical analysis, which examines the distribution of bytes to explore the file type [byte frequency distribution (BFD) equations]. The main question, which is left behind, is that how one can generalise his or her proposed FTI algorithm to all files? In this work, firstly, a normality assessment test has been applied for various BFDu0027s equations, which showed none of the BFDu0027s histogram is normal distribution. Then, using Renkonen correlation to compare non-normal distributions, the proper sample sizes, which is population representative, were presented based upon the file type and BFDu0027s equations. Finally, it has been shown that using bootstrap method the BFDu0027s distribution can be converted into a normal distribution.
Year
Venue
Field
2018
IJAIP
File format,Normality,Histogram,Byte,Population,Normal distribution,Pattern recognition,Computer science,Algorithm,Artificial intelligence,Sample size determination,Bootstrapping (electronics)
DocType
Volume
Issue
Journal
11
1/2
Citations 
PageRank 
References 
0
0.34
0
Authors
4
Name
Order
Citations
PageRank
Hassan Chizari1526.20
Shukor Abd Razak211213.67
Mojib Majidi301.01
Shaharuddin Salleh415816.65