Dr Sean McKeown S.McKeown@napier.ac.uk
Lecturer
Fast Filtering of Known PNG Files Using Early File Features
McKeown, Sean; Russell, Gordon; Leimich, Petra
Authors
Dr Gordon Russell G.Russell@napier.ac.uk
Associate Professor
Dr Petra Leimich P.Leimich@napier.ac.uk
Lecturer
Abstract
A common task in digital forensics investigations is to identify known contraband images. This is typically achieved by calculating a cryptographic digest, using hashing algorithms such as SHA256, for each image on a given media, comparing individual digests with a database of known contraband. However, the large capacities of modern storage media, and increased time pressure on forensics examiners, necessitates that more efficient processing mechanisms be developed. This work describes a technique for creating signatures for images of the PNG format which only requires a tiny fraction of the file to effectively distinguish between a large number of images. Highly distinct, and compact, such analysis lays the foundation for future work in fast forensics filtering using subsets of evidential data.
Citation
McKeown, S., Russell, G., & Leimich, P. (2017). Fast Filtering of Known PNG Files Using Early File Features. In Proceedings of the Conference on Digital Forensics, Security and Law
| Presentation Conference Type | Conference Paper (Published) |
|---|---|
| Conference Name | Annual Conference on Digital Forensics, Security and Law |
| Start Date | May 15, 2017 |
| End Date | May 16, 2017 |
| Acceptance Date | Feb 27, 2017 |
| Publication Date | 2017 |
| Deposit Date | Apr 7, 2017 |
| Publicly Available Date | Apr 7, 2017 |
| Series ISSN | 1931-7379 |
| Book Title | Proceedings of the Conference on Digital Forensics, Security and Law |
| Keywords | digital forensics, file filtering, image comparison, image processing, known file analysis |
| Public URL | http://researchrepository.napier.ac.uk/Output/810782 |
| Related Public URLs | http://commons.erau.edu/adfsl/2017/papers/1 |
| Contract Date | Apr 7, 2017 |
Files
Fast filtering of known PNG files using early file features
(527 Kb)
PDF
Publisher Licence URL
http://creativecommons.org/licenses/by-nc-nd/4.0/
Copyright Statement
This Peer Reviewed Paper is brought to you for free and open access by the Conferences at Scholarly Commons. It has been accepted for inclusion in Annual ADFSL Conference on Digital Forensics, Security and Law by an authorized administrator of Scholarly Commons. For more information, please contact commons@erau.edu.
You might also like
InfoScout: An interactive, entity centric, person search tool.
(2016)
Presentation / Conference Contribution
Fingerprinting JPEGs With Optimised Huffman Tables
(2018)
Journal Article
Sub-file Hashing Strategies for Fast Contraband Detection
(2018)
Presentation / Conference Contribution
Reducing the Impact of Network Bottlenecks on Remote Contraband Detection
(2018)
Presentation / Conference Contribution
Investigating people: a qualitative analysis of the search behaviours of open-source intelligence analysts
(2014)
Presentation / Conference Contribution
Downloadable Citations
About Edinburgh Napier Research Repository
Administrator e-mail: repository@napier.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2024
Advanced Search