文章基本信息

标题：Adaptation of PyFlag to Efficient Analysis of Overtaken Computer Data Storage
本地全文：下载
作者：Aleksander Byrski ; Wojciech Stryjewski ; BartÅ‚omiej Czechowicz 等
期刊名称：Journal of Digital Forensics, Security and Law
印刷版ISSN：1558-7215
电子版ISSN：1558-7223
出版年度：2010
卷号：1
期号：1705
页码：49-62
语种：English
出版社：Association of Digital Forensics, Security and Law
摘要：Based on existing software aimed at investigation support in the analysis of computer data storage overtaken during investigation (PyFlag), an extension is proposed involving the introduction of dedicated components for data identification and filtering. Hash codes for popular software contained in NIST/NSRL database are considered in order to avoid unwanted files while searching and to classify them into several categories. The extension allows for further analysis, e.g. using artificial intelligence methods. The considerations are illustrated by the overview of the system's design.