Reconstructing Textual File Fragments Using Unsupervised Machine Learning Techniques
This work is an investigation into reconstructing fragmented ASCII files based on content analysis motivated by a desire to demonstrate machine learning's applicability to Digital Forensics. Using a categorized corpus of Usenet, Bulletin Board Systems, and other assorted documents a series of e...
| Main Author: | |
|---|---|
| Format: | Others |
| Published: |
ScholarWorks@UNO
2008
|
| Subjects: | |
| Online Access: | http://scholarworks.uno.edu/td/881 http://scholarworks.uno.edu/cgi/viewcontent.cgi?article=1861&context=td |
| Summary: | This work is an investigation into reconstructing fragmented ASCII files based on content analysis motivated by a desire to demonstrate machine learning's applicability to Digital Forensics. Using a categorized corpus of Usenet, Bulletin Board Systems, and other assorted documents a series of experiments are conducted using machine learning techniques to train classifiers which are able to identify fragments belonging to the same original file. The primary machine learning method used is the Support Vector Machine with a variety of feature extractions to train from. Additional work is done in training committees of SVMs to boost the classification power over the individual SVMs, as well as the development of a method to tune SVM kernel parameters using a genetic algorithm. Attention is given to the applicability of Information Retrieval techniques to file fragments, as well as an analysis of textual artifacts which are not present in standard dictionaries. |
|---|