Skip to main content

Reducing the Time Required for Hashing Operations

1Citations
Citations of this article
10Readers
Mendeley users who have this article in their library.

This artice is free to access.

Abstract

Due to the increasingly massive amounts of data that need to be analyzed in digital forensic investigations, it is necessary to automatically recognize suspect files and filter out non-relevant files. To achieve this goal, digital forensic practitioners employ hashing algorithms to classify files into known-good, known-bad and unknown files. However, a typical personal computer may store hundreds of thousands of files and the task becomes extremely time-consuming. This paper attempts to address the problem using a framework that speeds up processing by using multiple threads. Unlike a typical multithreading approach, where the hashing algorithm is performed by multiple threads, the proposed framework incorporates a dedicated prefetcher thread that reads files from a device. Experimental results demonstrate a runtime efficiency of nearly 40% over single threading. © IFIP International Federation for Information Processing 2013.

Cite

CITATION STYLE

APA

Breitinger, F., & Petrov, K. (2013). Reducing the Time Required for Hashing Operations. In IFIP Advances in Information and Communication Technology (Vol. 410, pp. 101–117). Springer New York LLC. https://doi.org/10.1007/978-3-642-41148-9_7

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free