Title :
Single-byte-marker for Detecting JPEG JFIF Header Using FORIMAGE-JPEG
Author :
Mohamad, Kamaruddin Malik ; Deris, Mustafa Mat
Author_Institution :
Fac. of Inf. Technol. & Multimedia, Univ. Tun Hussein Onn Malaysia (UTHM), Batu Pahat, Malaysia
Abstract :
Header and footer detection is important in digital investigation for file type detection. The use of efficient algorithm to detect them is vital to reduce time taken for analyzing ever increasing data in hard drive or physical memory. Even though there are few applications developed e.g. Foremost, Scalpel; however the algorithm used for header detection is not discussed much. This paper introduces two algorithms: single-byte-marker and 20-point-reference for header detection. Few experiments have been done using image taken from Helix Live CD from 8 MB hard disk partition, 1 GB physical memory and raw data from DFRWS 2006 challenge.The results show that single-byte-marker algorithm is more efficient for header detection.
Keywords :
police data processing; security of data; 20-point-reference; FORIMAGE-JPEG; digital evidence; file type detection; header detection; single-byte-marker; Algorithm design and analysis; Cryptography; Data analysis; Forensics; Hard disks; Image reconstruction; Information technology; Partitioning algorithms; Protection; System testing; Data Recovery; Digital Evidence; JPEG JFIF; Memory Forensics;
Conference_Titel :
INC, IMS and IDC, 2009. NCM '09. Fifth International Joint Conference on
Conference_Location :
Seoul
Print_ISBN :
978-1-4244-5209-5
Electronic_ISBN :
978-0-7695-3769-6
DOI :
10.1109/NCM.2009.22
