Skip to main content
Conference Proceedings

A new approach to compressed file fragment identification

Advances in Intelligent Systems and Computing (2015) 369 377-387
DOI: 10.1007/978-3-319-19713-5_32
2Citations
Citations of this article
10Readers
Mendeley users who have this article in their library.
Get full text

Abstract

Identifying the underlying type of a file given only a file fragment is a big challenge in digital forensics. Many methods have been applied to file type identification; however the identification accuracies of most of file types are still very low, especially for files having complex structures because their contents are compound data built from different data types. In this paper, we propose a new approach based on the deflate-encoded data detection, entropy-based clustering, and the use of machine learning techniques to identify deflate-encoded file fragments. Experiments on the popular compound file type showed high identification accuracy for the proposed method.

Author supplied keywords

Cite

CITATION STYLE

APA

Nguyen, K., Tran, D., Ma, W., & Sharma, D. (2015). A new approach to compressed file fragment identification. In Advances in Intelligent Systems and Computing (Vol. 369, pp. 377–387). Springer Verlag. https://doi.org/10.1007/978-3-319-19713-5_32

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free