GenSpec: A File Fragment Classification Approach

Autor: Abdullatif Saleh Alfaqiri, Ahmed Nour Moussa, Firas Layth Khaleel, Mohammed Abdulaziz Alsubhi
Rok vydání: 2020
Předmět:
Zdroj: 2020 International Conference on Computing and Information Technology (ICCIT-1441).
Popis: Collection and analysis of data are at the heart of digital forensics. However, in real-life situations, the data of interest is often found in files that were partially erased or otherwise tampered with. Consequently, identification of the file types of those fragmented files and the data format of the text contained in each file are deemed necessary. While there are already many techniques for file fragment classification, their performance has to be improved in order to be truly useful for a large number of file fragments. This paper proposes a technique that first classifies file fragments based on the type of their content rather than on the format of the file they are coming from, and second, the fragments are further classified in narrower categories corresponding to their actual file type. The proposed technique is evaluated for its performance by benchmarking it to some existing techniques.
Databáze: OpenAIRE