2018
DOI: 10.15394/jdfsl.2018.1489
|View full text |Cite
|
Sign up to set email alerts
|

Hierarchical Bloom Filter Trees for Approximate Matching

Abstract: Bytewise approximate matching algorithms have in recent years shown significant promise in detecting files that are similar at the byte level. This is very useful for digital forensic investigators, who are regularly faced with the problem of searching through a seized device for pertinent data. A common scenario is where an investigator is in possession of a collection of "known-illegal" files (e.g. a collection of child abuse material) and wishes to find whether copies of these are stored on the seized devic… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1

Citation Types

0
3
0

Year Published

2018
2018
2024
2024

Publication Types

Select...
3
2

Relationship

0
5

Authors

Journals

citations
Cited by 5 publications
(3 citation statements)
references
References 21 publications
0
3
0
Order By: Relevance
“…Thus,determining wheredata resides andhowtoacquire datacanposemany challenges to DFEs.Forinstance,theDFanalysisofIoTdevicesusedinabusinessorhomeenvironmentcanbe challenginginrelationtoestablishingwhomdatabelongstosincedigitalartefactsmightbeshared ortransmittedacrossmultipledevices.Inaddition,duetothefactthatIoTdevicesutiliseproprietary formatsfordataandcommunicationprotocols,understandingthelinksbetweenartifactsinbothtime andspacecanbeverycomplex.AnotherchallengerelatedtotheDFIofIoTdevicesconcernsthe chainofcustody.Incivilorcriminaltrial,collectingevidenceinaforensicallysoundmannerand preservingchainofcustodyareofparamountimportance (Montasari,2017c;Montasarietal.,2019;Montasarietal.,2019;Montasari,2018;Montasari,2017a;Montasari,2016e OtherforensicchallengesposedbyIoTdevicesincludeissuessuchasavailability,authenticity and non-repudiation which are essential for forensically sound used of data (Lillis et al, 2016). PersistencyofdataisalsoanotherchallengeposedbyIoTdeviceswhichtendtohavelimitedmemory ornopersistentdatastorage.Consequently,anydatastoredforlongerperiodsislikelytobestored inin-networkhubsortobetransferredtothecloudformorepersistentstorage.Asaresult,problems associatedwithCloudForensics(asdiscussedinSub-Section2.1)willalsoberelevanttothefield ofIoT.Althoughoverthepastfewyears,theresearchcommunityhavebeenexaminingIoTdevices forthepurposesofforensics,theseworksarestillintheirinfancy.Therefore,inordertokeeppace withthenewIoTdevices,IoTForensicsrequiresamulti-facetedapproachinwhichevidencecan becollectedandanalysedfromavarietyofsourcessuchassensordevices,communicationdevices andcloudstorage,etc.…”
Section: Internet Of Things (Iot) Forensicsmentioning
confidence: 99%
“…Thus,determining wheredata resides andhowtoacquire datacanposemany challenges to DFEs.Forinstance,theDFanalysisofIoTdevicesusedinabusinessorhomeenvironmentcanbe challenginginrelationtoestablishingwhomdatabelongstosincedigitalartefactsmightbeshared ortransmittedacrossmultipledevices.Inaddition,duetothefactthatIoTdevicesutiliseproprietary formatsfordataandcommunicationprotocols,understandingthelinksbetweenartifactsinbothtime andspacecanbeverycomplex.AnotherchallengerelatedtotheDFIofIoTdevicesconcernsthe chainofcustody.Incivilorcriminaltrial,collectingevidenceinaforensicallysoundmannerand preservingchainofcustodyareofparamountimportance (Montasari,2017c;Montasarietal.,2019;Montasarietal.,2019;Montasari,2018;Montasari,2017a;Montasari,2016e OtherforensicchallengesposedbyIoTdevicesincludeissuessuchasavailability,authenticity and non-repudiation which are essential for forensically sound used of data (Lillis et al, 2016). PersistencyofdataisalsoanotherchallengeposedbyIoTdeviceswhichtendtohavelimitedmemory ornopersistentdatastorage.Consequently,anydatastoredforlongerperiodsislikelytobestored inin-networkhubsortobetransferredtothecloudformorepersistentstorage.Asaresult,problems associatedwithCloudForensics(asdiscussedinSub-Section2.1)willalsoberelevanttothefield ofIoT.Althoughoverthepastfewyears,theresearchcommunityhavebeenexaminingIoTdevices forthepurposesofforensics,theseworksarestillintheirinfancy.Therefore,inordertokeeppace withthenewIoTdevices,IoTForensicsrequiresamulti-facetedapproachinwhichevidencecan becollectedandanalysedfromavarietyofsourcessuchassensordevices,communicationdevices andcloudstorage,etc.…”
Section: Internet Of Things (Iot) Forensicsmentioning
confidence: 99%
“…Web applications that have a user account linked to a device and that can be synced will also be reviewed, and finally if any evidence is acquired, how valuable and accurate is the evidence. The increasing amount of digital devices that use various hardware and software increases the challenges and difficulties that face the digital forensics sector [1], current obstacles are indicated by [2] and include complexity, consistency, data volume, and unified time-lining of evidence due to multiple time zones. Digital forensics will be able to assist in a many more crimes and investigations if more is done to fill the research void and by conducting the related research, build a greater knowledge of fitness bands.…”
Section: Introductionmentioning
confidence: 99%
“…The IoT and the Smart City bring a new scale and scope to e‐evidence, from all types of governmental, commercial and consumer systems, into the “cloud” and beyond. Inadequate abstraction of objects as evidence, data complexity, diversity and heterogeneity, scale and validation, visualization and identity management challenge our grip on these growing data masses and how legal rules map to the technical implementation ,…”
Section: Introductionmentioning
confidence: 99%