Adaptation of PyFlag to Efficient Analysis of Seized Computer Data Storage | Zendy

Aleksander Byrski | Zendy; Wojciech S. Stryjewski | Zendy; Bartłomiej Czechowicz | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

Adaptation of PyFlag to Efficient Analysis of Seized Computer Data Storage

Author(s) -

Aleksander Byrski,

Wojciech S. Stryjewski,

Bartłomiej Czechowicz

Publication year - 2010

Publication title -

the journal of digital forensics, security and law

Language(s) - English

Resource type - Journals

eISSN - 1558-7223

pISSN - 1558-7215

DOI - 10.15394/jdfsl.2010.1071

Subject(s) - computer science , hash function , adaptation (eye) , nist , software , identification (biology) , extension (predicate logic) , data mining , database , programming language , physics , botany , natural language processing , optics , biology

Based on existing software aimed at investigation support in the analysis of computer data storage overtaken during investigation (PyFlag), an extension is proposed involving the introduction of dedicated components for data identification and filtering. Hash codes for popular software contained in NIST/NSRL database are considered in order to avoid unwanted files while searching and to classify them into several categories. The extension allows for further analysis, e.g. using artificial intelligence methods. The considerations are illustrated by the overview of the system's design.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research