kau.se
System disruptions
We are currently experiencing disruptions on the search portals due to high traffic. We are working to resolve the issue, you may temporarily encounter an error message.
EnglishSvenskaNorsk
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • apa.csl
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
An Evaluation of Side-Information Assisted Forensic Hash Matching
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013).ORCID iD: 0000-0003-3461-7079
2014 (English)In: Computer Software and Applications Conference Workshops (COMPSACW), 2014 IEEE 38th International) / [ed] Chang, CK; Gao, Y; Hurson, A; Matskin, M; McMillin, B; Okabe, Y; Seceleanu, C; Yoshida, K, IEEE, 2014, p. 331-336Conference paper, Published paper (Refereed)
Abstract [en]

Investigations involving digital forensics typically include file hash matching procedures at one or more steps in the examination. File hash matching is typically done by computing a complete file hash value for each file on a storage device and comparing that to a pre-computed hash list. This work examines how various improvements to the basic technique impact the time required to perform hash matching. Specifically, side-information assisted approaches are evaluated in this work. By utilizing side-information such as file sizes and pre-hashes in addition to the traditional hash values, we find that it is possible to considerably decrease the amount of time required to perform file hash matching. A simulation model is used to evaluate the potential time saving over a range of storage devices and using five different empirically derived file size distribution datasets totaling 36 million file sizes. The results indicate that side-information assisted hashing provides a considerable reduction of the time required, ranging between 5% and 99%, with the majority of cases providing reductions with more than 50%.
Place, publisher, year, edition, pages
IEEE, 2014. p. 331-336
Keywords [en]
Computer Science, Software Engineering; Computer Science, Theory & Methods; Engineering, Electrical & Electronic
National Category
Computer Sciences
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-40975DOI: 10.1109/COMPSACW.2014.58ISI: 000352787700056OAI: oai:DiVA.org:kau-40975DiVA, id: diva2:909300
Conference
COMPSACW 2014 IEEE 38th International Computer Software and Applications Conference Workshops, Västerås Sweden,Jul 21-25, 2014
Available from: 2016-03-05 Created: 2016-03-05 Last updated: 2019-11-10Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full texthttp://ieeexplore.ieee.org/xpl/articleDetails.jsp?arnumber=6903151

Authority records

Garcia, Johan

Search in DiVA

By author/editor
Garcia, Johan
By organisation
Department of Mathematics and Computer Science (from 2013)
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
urn-nbn

Altmetric score

doi
urn-nbn
Total: 302 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • apa.csl
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
v. 2.45.0
|
WCAG
|
Karlstad University
|
University Library
|
Researchers support