A. Byrski, Wojciech Stryjewski, Bartłomiej Czechowicz
{"title":"PyFlag在高效分析计算机数据存储中的应用","authors":"A. Byrski, Wojciech Stryjewski, BartÅ‚omiej Czechowicz","doi":"10.15394/JDFSL.2010.1071","DOIUrl":null,"url":null,"abstract":"Based on existing software aimed at investigation support in the analysis of computer data storage overtaken during investigation (PyFlag), an extension is proposed involving the introduction of dedicated components for data identification and filtering. Hash codes for popular software contained in NIST/NSRL database are considered in order to avoid unwanted files while searching and to classify them into several categories. The extension allows for further analysis, e.g. using artificial intelligence methods. The considerations are illustrated by the overview of the system's design.","PeriodicalId":43224,"journal":{"name":"Journal of Digital Forensics Security and Law","volume":null,"pages":null},"PeriodicalIF":0.6000,"publicationDate":"2010-03-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Adaptation of PyFlag to Efficient Analysis of Overtaken Computer Data Storage\",\"authors\":\"A. Byrski, Wojciech Stryjewski, BartÅ‚omiej Czechowicz\",\"doi\":\"10.15394/JDFSL.2010.1071\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Based on existing software aimed at investigation support in the analysis of computer data storage overtaken during investigation (PyFlag), an extension is proposed involving the introduction of dedicated components for data identification and filtering. Hash codes for popular software contained in NIST/NSRL database are considered in order to avoid unwanted files while searching and to classify them into several categories. The extension allows for further analysis, e.g. using artificial intelligence methods. The considerations are illustrated by the overview of the system's design.\",\"PeriodicalId\":43224,\"journal\":{\"name\":\"Journal of Digital Forensics Security and Law\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.6000,\"publicationDate\":\"2010-03-31\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Digital Forensics Security and Law\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.15394/JDFSL.2010.1071\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Digital Forensics Security and Law","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.15394/JDFSL.2010.1071","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Adaptation of PyFlag to Efficient Analysis of Overtaken Computer Data Storage
Based on existing software aimed at investigation support in the analysis of computer data storage overtaken during investigation (PyFlag), an extension is proposed involving the introduction of dedicated components for data identification and filtering. Hash codes for popular software contained in NIST/NSRL database are considered in order to avoid unwanted files while searching and to classify them into several categories. The extension allows for further analysis, e.g. using artificial intelligence methods. The considerations are illustrated by the overview of the system's design.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
