Title :
The impact of data fragment sizes on file type recognition
Author :
Nguyen, Khanh ; Tran, Duke ; Wanli Ma ; Sharma, Divya
Author_Institution :
Fac. of Educ., Sci., Technol. & Math., Univ. of Canberra, Canberra, ACT, Australia
Abstract :
Determining the original file type of data fragments helps data recovery, spam detection, virus scanning, and network monitoring operations. In many cases, only unordered fragments of the original file are available for investigation. Therefore, we can only base on the content of a fragment to identify its file type. However, data fragments come with different sizes, as they may be the residual data recovered from storage media or network packets. It is stated that identifying the file type of larger fragments is easier than the smaller size ones [1]. Therefore, it is important to study the impact of data fragment sizes on file type recognition. In this paper, we study the results of applying machine learning technique to identify file types of data fragments of different sizes in order to find the minimum size required for file type recognition purpose.
Keywords :
computer viruses; data handling; learning (artificial intelligence); unsolicited e-mail; data fragment sizes; data recovery; file type recognition purpose; machine learning technique; network monitoring operations; network packets; residual data; spam detection; storage media; virus scanning; Accuracy; Digital forensics; Entropy; Security; Support vector machine classification; Vectors; Digital forensics; file fragment classification; optimal data chunk size;
Conference_Titel :
Natural Computation (ICNC), 2014 10th International Conference on
Conference_Location :
Xiamen
Print_ISBN :
978-1-4799-5150-5
DOI :
10.1109/ICNC.2014.6975930
