Open Access
Towards a Process Model for Hash Functions in Digital Forensics
Frank Breitinger, Huajian Liu, Christian Winter, Harald Baier, Alexey Rybalchenko, Martin Steinebach +5 more
TLDR
A common approach for automated file identification are hash functions, where a tool hashes all files of a seized device and compares them against a database to discard non-relevant or detect suspicious files.
Abstract:
Handling forensic investigations gets more and more difficult as the amount of data one has to analyze is increasing continuously. A common approach for automated file identification are hash functions. The proceeding is quite simple: a tool hashes all files of a seized device and compares them against a database. Depending on the database, this allows to discard non-relevant (whitelisting) or detect suspicious files (blacklisting).
Citations
Report
Approximate Matching: Definition and Terminology
TL;DR: The purpose of this document is to provide a definition and terminology to describe approximate matching in order to promote discussion, research, tool development and tool acquisition.
Journal Article
On the database lookup problem of approximate matching
TL;DR: This paper presents and evaluates a concept to extend existing approximate matching algorithms, which reduces the lookup complexity from O(x) to O(1), and demonstrates that a single, huge Bloom filter has a far better performance.
Journal Article
Fast indexing strategies for robust image hashes
TL;DR: This work presents and evaluates two indexing strategies for robust image hashes created by the ForBild tool, based on generic indexing approaches for Hamming spaces, i.e. spaces of bit vectors equipped with the Hamming distance.
Proceedings Article
Data Sources for Advancing Cyber Forensics: What the Social World has to Offer
Ibrahim Baggili, Frank Breitinger +1 more
TL;DR: In this paper, the authors consider how the scientific community may leverage publicly accessible social media data to advance the state of the art in Cyber Forensics. But only a few data sources exist at the time of writing of this paper.
Journal Article
File Detection On Network Traffic Using Approximate Matching
Frank Breitinger, Ibrahim Baggili +1 more
TL;DR: This work demonstrates how to optimize fuzzy hashing algorithms based on approximate matching, which are very common in digital forensics to correlate similar files, and apply them to single network packets.
References
Proceedings Article
Object recognition from local scale-invariant features
TL;DR: Experimental results show that robust object recognition can be achieved in cluttered partially occluded images with a computation time of under 2 seconds.
Journal Article
Space/time trade-offs in hash coding with allowable errors
TL;DR: Analysis of the paradigm problem demonstrates that allowing a small number of test messages to be falsely identified as members of the given set will permit a much smaller hash area to be used without increasing reject time.
Proceedings Article
On the resemblance and containment of documents
TL;DR: The basic idea is to reduce these issues to set intersection problems that can be easily evaluated by a process of random sampling that could be done independently for each document.
Proceedings Article
Similarity of color images
Markus Stricker, Markus Orengo +1 more
TL;DR: Two new color indexing techniques are described, one of which is a more robust version of the commonly used color histogram indexing and the other which is an example of a new approach to color indexing that contains only their dominant features.
Secure Hash Standard
TL;DR: The SHA-1 is used by both the transmitter and intended receiver of a message in computing and verifying a digital signature and whenever a secure hash algorithm is required for federal applications.