Forensic feature extraction and cross-drive analysis
نویسنده
چکیده
This paper introduces Forensic Feature Extraction (FFE) and Cross-Drive Analysis (CDA), two new approaches for analyzing large data sets of disk images and other forensic data. FFE uses a variety of lexigraphic techniques for extracting information from bulk data; CDA uses statistical techniques for correlating this information within a single disk image and across multiple disk images. An architecture for these techniques is presented that consists of five discrete steps: imaging, feature extraction, first-order crossdrive analysis, cross-drive correlation, and report generation. CDA was used to analyze 750 images of drives acquired on the secondary market; it automatically identified drives containing a high concentration of confidential financial records as well as clusters of drives that came from the same organization. FFE and CDA are promising techniques for prioritizing work and automatically identifying members of social networks under investigation. We believe it is likely to have other uses as well.
منابع مشابه
Comparison Between Different Methods of Feature Extraction in BCI Systems Based on SSVEP
There are different feature extraction methods in brain-computer interfaces (BCI) based on Steady-State Visually Evoked Potentials (SSVEP) systems. This paper presents a comparison of five methods for stimulation frequency detection in SSVEP-based BCI systems. The techniques are based on Power Spectrum Density Analysis (PSDA), Fast Fourier Transform (FFT), Hilbert- Huang Transform (H...
متن کاملHandwriting in Forensic Investigations
The process of automatic handwriting investigation in forensic science is described. The general scheme of a computer-based handwriting analysis system is used to point out at the basic problems of image enhancement and segmentation, feature extraction and decision-making. Factors that may compromise the accuracy of expert’s conclusion are underlined and directions for future investigations are...
متن کاملComputer Hard Drive Geolocation by HTTP Feature Extraction
Geolocation data have high value to forensic investigators because computer activities may be associated with physical locations in the past. However, locating and extracting useful location information from an off-line disk image is a difficult problem. Most forensic investigations employ tools that focus on extracting content, such as emails, databases, and hidden or deleted data, and then ma...
متن کاملFeature selection using genetic algorithm for classification of schizophrenia using fMRI data
In this paper we propose a new method for classification of subjects into schizophrenia and control groups using functional magnetic resonance imaging (fMRI) data. In the preprocessing step, the number of fMRI time points is reduced using principal component analysis (PCA). Then, independent component analysis (ICA) is used for further data analysis. It estimates independent components (ICs) of...
متن کاملSupervised Feature Extraction of Face Images for Improvement of Recognition Accuracy
Dimensionality reduction methods transform or select a low dimensional feature space to efficiently represent the original high dimensional feature space of data. Feature reduction techniques are an important step in many pattern recognition problems in different fields especially in analyzing of high dimensional data. Hyperspectral images are acquired by remote sensors and human face images ar...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Digital Investigation
دوره 3 شماره
صفحات -
تاریخ انتشار 2006