Identifying forensically uninteresting files in a large corpus

Identifying forensically uninteresting files in a large corpus

For digital forensics, eliminating the uninteresting is often more critical than finding the interesting. We discuss methods exploiting the metadata of a large corpus. Tests were done with an international corpus of 262.7 million files obtained from 4018 drives. For malware investigations, we show t...

Full description

Bibliographic Details
Main Author:	N. C. Rowe
Format:	Article
Language:	English
Published:	European Alliance for Innovation (EAI) 2016-12-01
Series:	EAI Endorsed Transactions on Security and Safety
Subjects:	digital forensics metadata files corpus data reduction hashes triage whitelists classification malware camouflage
Online Access:	http://eudl.eu/doi/10.4108/eai.8-12-2016.151725

Similar Items

Application Whitelisting : Smartphones in High Security Environments
by: Bildsten, Caroline
Published: (2013)

A Heuristic Featured Based Quantification Framework for Efficient Malware Detection. Measuring the Malicious intent of a file using anomaly probabilistic scoring and evidence combinational theory with fuzzy hashing for malware detection in Portable Executable files
by: Namanya, Anitta P.
Published: (2018)

Do Metadata-based Deleted-File-Recovery (DFR) Tools Meet NIST Guidelines?
by: Andrew Meyer, et al.
Published: (2019-08-01)

Respon Masyarakat terhadap Sistem Whitelist: Alternatif untuk Akses Internet yang Lebih Aman
by: Emyana Ruth Eritha Sirait
Published: (2017-01-01)

Computer Forensics Method in Analysis of Files Timestamps in Microsoft Windows Operating System and NTFS File System
by: Vesta Sergeevna Matveeva, et al.
Published: (2013-02-01)

A new ransomware detection scheme based on tracking file signature and file entropy
by: Jethva, Brijesh
Published: (2019)

Detecting Malicious Code by Binary File Checking
by: Marius POPA
Published: (2014-01-01)

Similarity hash based scoring of portable executable files for efficient malware detection in IoT
by: Namanya, Anitta P., et al.
Published: (2019)

Combined kNN Classification and Hierarchical Similarity Hash for Fast Malware Detection
by: Sunoh Choi
Published: (2020-07-01)

Scalable and Multifaceted Search and Its Application for Binary Malware Files
by: Donghoon Kim, et al.
Published: (2021-01-01)

Hierarchy-Based File Fragment Classification
by: Manish Bhatt, et al.
Published: (2020-08-01)

Ext4 and XFS File System Forensic Framework Based on TSK
by: Hyungchan Kim, et al.
Published: (2021-09-01)

Performance Comparison of Forensic Software for Carving Files using NIST Method
by: Doddy Teguh Yuwono, et al.
Published: (2019-07-01)

A Study on the Digital Forensic Investigation Method of Clever Malware in IoT Devices
by: Dohyun Kim, et al.
Published: (2020-01-01)

Validação de dados através de hashes criptográficos: uma avaliação na perícia forense computacional brasileira
by: LIMA, José Paulo da Silva
Published: (2016)

Corpus-based studies in conference interpreting
by: Russo M.
Published: (2019-02-01)

Forensic analysis of unallocated space
by: Lei, Zhenxing
Published: (2011)

Android Malware Familial Classification Based on DEX File Section Features
by: Yong Fang, et al.
Published: (2020-01-01)

Augmenting Network Flows with User Interface Context to Inform Access Control Decisions
by: Chuluundorj, Zorigtbaatar
Published: (2019)

Scalable and Secure Internet of Things Connectivity
by: Ye-Jin Choi, et al.
Published: (2019-07-01)

Dataset for file fragment classification of textual file formats
by: Fatemeh Mansouri Hanis, et al.
Published: (2019-12-01)

Dataset for file fragment classification of audio file formats
by: Atieh Khodadadi, et al.
Published: (2019-12-01)

Dataset for file fragment classification of image file formats
by: Reyhane Fakouri, et al.
Published: (2019-11-01)

Dataset for file fragment classification of video file formats
by: Narges Sadeghi, et al.
Published: (2020-04-01)

Temporal analysis on HFS+ and across file systems in digital forensic investigation
by: Wang, Mengmeng, et al.
Published: (2013)

Fast topology algorithm for STL files based on half-edges structure
by: Wu Xiaochao, et al.
Published: (2020-01-01)

Scale and Concurrency of Massive File System Directories
by: Patil, Swapnil
Published: (2013)

Detection and Forensics of Encryption Behavior of Storage File and Network Transmission Data
by: Songbin Li, et al.
Published: (2020-01-01)

Ways of Concealment for Iatrogenic Crimes, Traces of Their Commission and Forensic Methods of Their Identification
by: M. V. Tuzlukova
Published: (2020-01-01)

Forensic Multimedia File Carving
by: Nadeem Ashraf, Muhammad
Published: (2013)

Robust Speech Hashing for Digital Audio Forensics
by: Diego Renza, et al.
Published: (2019-12-01)

Cabells Scholarly Analytics
by: Lilian Hoffecker
Published: (2018-04-01)

Improving Forensic Triage Efficiency through Cyber Threat Intelligence
by: Nikolaos Serketzis, et al.
Published: (2019-07-01)

Exploring Forensic Implications of the Fusion Drive
by: Shruti Gupta, et al.
Published: (2014-09-01)

A Simple Measuring Model for Evaluating the Performance of Small Block Size Accesses in Lustre File System
by: N. Jayakumar, et al.
Published: (2017-12-01)

FIViz: Forensics Investigation through Visualization for Malware in Internet of Things
by: Israr Ahmad, et al.
Published: (2020-09-01)

Identifying Malicious Software Using Deep Residual Long-Short Term Memory
by: Aziz Alotaibi
Published: (2019-01-01)

Intelligent Vision-Based Malware Detection and Classification Using Deep Random Forest Paradigm
by: S. Abijah Roseline, et al.
Published: (2020-01-01)

Whitelisting in RFDMA Networks
by: Tomaz Solc, et al.
Published: (2019-01-01)

Realising a Push Button Modality for Video-Based Forensics
by: Bako Zawali, et al.
Published: (2021-04-01)