Presentation is loading. Please wait.

Presentation is loading. Please wait.

A summary of the report written by W. Alink, R.A.F. Bhoedjang, P.A. Boncz, and A.P. de Vries.

Published byMeagan Rogers Modified over 8 years ago

Similar presentations

Presentation on theme: "A summary of the report written by W. Alink, R.A.F. Bhoedjang, P.A. Boncz, and A.P. de Vries."— Presentation transcript:

1 A summary of the report written by W. Alink, R.A.F. Bhoedjang, P.A. Boncz, and A.P. de Vries.

2 The Problem Large amount of data – possibly terabytes Limited amount of time Higher chance of missing traces Diversity of data Too many specialized tools Difficult to integrate results Time constraints Knowledge constraints

3 Solution Separate feature extraction from analysis: Feature Extraction: The extraction of useful features from raw data- Includes more than just file data Analysis: Browsing, querying and correlating. One output format for forensic analysis tools (based on XML) XML for storing and querying the output of the tools. Automate feature extraction Various current projects in law enforcement community related to automated feature extraction

4 XIRAF Prototype system that uses this approach “XML Information Retrieval Approach to digital Forensics” Automatic feature extraction from disk image/s Stores data in XML database Uses XQuery (XML query language) to access the database and the data from the disk-image.

5 Framework 3 components: Tool repository: feature extraction tools Feature extraction manager: manages the invocation of the tools, merges output and stores it in storage subsystem. Storage subsystem: composed of raw evidence (binary large objects) and extracted features (XML)

6 General Overview of process Image fed to system (binary data) Feature Extraction Manager extracts useful features (uses tool repository) Feature Extraction Manager stores features in single XML document (in form of a tree). The Feature Extraction Manager can then run other tools on the found data and add to the xml document. Data stored in storage sub system, where the binary data or the XML tree can be accessed

7 Forensic Applications Timeline browser Mainstream tools do file-system browsing (relies on file- system meta-data) This application of XIRAF can get all XML fragments with a timestamp, gathered from different tools (which could include things like chat logs). Photo search Finds digital images that meet desired conditions Can consider camera model, date and time of recording, image resolution and more.

8 Forensic Applications Child Pornography Detection Uses hash of various files that are known to contain child pornography Matches files against a database of hashes The hash database is converted to XML, and preloaded into the XML database XIRAF contains. The comparison is done during the feature extraction phase.

9 Conclusion/future work Too early to draw definitive conclusions (just a prototype) An increasing number of tools have started producing output in XML. Mobile phone queries More knowledge bases

10 References W. Alink, R.A.F. Bhoedjang, P.A. Boncz, and A.P. de Vries. ““XIRAF – XML-based indexing and querying for digital forensics”. Available at: http://dfrws.org/2006/proceedings/7-Alink.pdf http://dfrws.org/2006/proceedings/7-Alink.pdf

Download ppt "A summary of the report written by W. Alink, R.A.F. Bhoedjang, P.A. Boncz, and A.P. de Vries."

Similar presentations

Overview of Data Structures and Algorithms

Overview of Data Structures and Algorithms
Key-word Driven Automation Framework Shiva Kumar Soumya Dalvi May 25, 2007.

Key-word Driven Automation Framework Shiva Kumar Soumya Dalvi May 25, 2007.
CAPTURE SOFTWARE Please take a few moments to review the following slides. Please take a few moments to review the following slides. The filing of documents.

CAPTURE SOFTWARE Please take a few moments to review the following slides. Please take a few moments to review the following slides. The filing of documents.
Xyleme A Dynamic Warehouse for XML Data of the Web.

Xyleme A Dynamic Warehouse for XML Data of the Web.
ADVISE: Advanced Digital Video Information Segmentation Engine

ADVISE: Advanced Digital Video Information Segmentation Engine
Visual Web Information Extraction With Lixto Robert Baumgartner Sergio Flesca Georg Gottlob.

Visual Web Information Extraction With Lixto Robert Baumgartner Sergio Flesca Georg Gottlob.
Direct Congress Dan Skorupski Dan Vingo 15 October 2008.

Direct Congress Dan Skorupski Dan Vingo 15 October 2008.
An Object-Oriented Architecture Supporting Web Application Testing Presented By: Bhavdeep Singh.

An Object-Oriented Architecture Supporting Web Application Testing Presented By: Bhavdeep Singh.
Technology for Computer Forensics by Alicia Castro.

Technology for Computer Forensics by Alicia Castro.
1 Information Retrieval and Extraction 資訊檢索與擷取 Chia-Hui Chang, Assistant Professor Dept. of Computer Science & Information Engineering National Central.

1 Information Retrieval and Extraction 資訊檢索與擷取 Chia-Hui Chang, Assistant Professor Dept. of Computer Science & Information Engineering National Central.
Summary. Chapter 9 – Triggers Integrity constraints Enforcing IC with different techniques –Keys –Foreign keys –Attribute-based constraints –Schema-based.

Summary. Chapter 9 – Triggers Integrity constraints Enforcing IC with different techniques –Keys –Foreign keys –Attribute-based constraints –Schema-based.
BUSINESS DRIVEN TECHNOLOGY

BUSINESS DRIVEN TECHNOLOGY
Chapter 1 Introduction to Databases

Chapter 1 Introduction to Databases
Database Management Systems (DBMS)

Database Management Systems (DBMS)
Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #12 Intelligent Digital Forensics September 30, 2009.

Digital Forensics Dr. Bhavani Thuraisingham The University of Texas at Dallas Lecture #12 Intelligent Digital Forensics September 30, 2009.
4/20/2017.

4/20/2017.
Databases & Data Warehouses Chapter 3 Database Processing.

Databases & Data Warehouses Chapter 3 Database Processing.
Systems Analysis – Analyzing Requirements.  Analyzing requirement stage identifies user information needs and new systems requirements  IS dev team.

Systems Analysis – Analyzing Requirements.  Analyzing requirement stage identifies user information needs and new systems requirements  IS dev team.
CS370 Spring 2007 CS 370 Database Systems Lecture 2 Overview of Database Systems.

CS370 Spring 2007 CS 370 Database Systems Lecture 2 Overview of Database Systems.
OCLC Online Computer Library Center CONTENTdm ® Digital Collection Management Software Ron Gardner, OCLC Digital Services Consultant ICOLC Meeting April.

OCLC Online Computer Library Center CONTENTdm ® Digital Collection Management Software Ron Gardner, OCLC Digital Services Consultant ICOLC Meeting April.

Similar presentations

Ads by Google