Retrieval of files without the support of file system structures is arguably essential for digital forensics. Files are typically stored as sequences of data blocks, which have to be reconstructed in the retrieval process. This is commonly performed, among other approaches, through file carving, in general detecting the original block sequences by means of signatures of known headers and footers of files. Of course, this creates challenges with fragmented files, where blocks belonging to different files may be interleaved. Ways to classify file blocks into file types relying on their content may provide a support to achieve a successful reconstruction. We propose to classify file blocks using Support Vector Machines (SVMs), and we do so by ...
This paper presents an approach to improve the file fragment classification by proposing new feature...
Similarity a b s t r a c t Hash-based carving is a technique for detecting the presence of specific ...
Part 4: FILESYSTEM FORENSICSInternational audienceThe first step when recovering deleted files using...
Retrieval of files without the support of file system structures is arguably essential for digital f...
Abstract In computer forensics, carving is an important trick in the digital in-vestigator’s sleeve....
This work is an investigation into reconstructing fragmented ASCII files based on content analysis m...
Part 2: FORENSIC TECHNIQUESInternational audienceBecause files are typically stored as sequences of ...
One of the major components in Digital Forensics is the extraction of files from a criminal’s hard d...
Part 2: FORENSIC TECHNIQUESInternational audienceDigital forensic examiners often need to identify t...
Digital forensics Sub-file forensics a b s t r a c t Over the past decade, a substantial effort has ...
Content-based file-type identification schemes often use byte-frequency distri-bution as a feature a...
File-type Identification (FTI) is an important problem in digital forensics, intrusion detection, an...
Abstract Digital forensic examiners often need to identify the type of a file or file fragment based...
MSc (Computer Science), North-West University, Potchefstroom Campus, 2013The increased use of digita...
Georgios Pierris and Stilianos Vidalis, 'Forensically Classifying Files Using HSOM Algorithms', in P...
This paper presents an approach to improve the file fragment classification by proposing new feature...
Similarity a b s t r a c t Hash-based carving is a technique for detecting the presence of specific ...
Part 4: FILESYSTEM FORENSICSInternational audienceThe first step when recovering deleted files using...
Retrieval of files without the support of file system structures is arguably essential for digital f...
Abstract In computer forensics, carving is an important trick in the digital in-vestigator’s sleeve....
This work is an investigation into reconstructing fragmented ASCII files based on content analysis m...
Part 2: FORENSIC TECHNIQUESInternational audienceBecause files are typically stored as sequences of ...
One of the major components in Digital Forensics is the extraction of files from a criminal’s hard d...
Part 2: FORENSIC TECHNIQUESInternational audienceDigital forensic examiners often need to identify t...
Digital forensics Sub-file forensics a b s t r a c t Over the past decade, a substantial effort has ...
Content-based file-type identification schemes often use byte-frequency distri-bution as a feature a...
File-type Identification (FTI) is an important problem in digital forensics, intrusion detection, an...
Abstract Digital forensic examiners often need to identify the type of a file or file fragment based...
MSc (Computer Science), North-West University, Potchefstroom Campus, 2013The increased use of digita...
Georgios Pierris and Stilianos Vidalis, 'Forensically Classifying Files Using HSOM Algorithms', in P...
This paper presents an approach to improve the file fragment classification by proposing new feature...
Similarity a b s t r a c t Hash-based carving is a technique for detecting the presence of specific ...
Part 4: FILESYSTEM FORENSICSInternational audienceThe first step when recovering deleted files using...