BROWSE
Detail
Conference Paper
High Speed Search for Large-Scale Digital Forensic Investigation
Cited - time in 
Share 
Share
- Authors
- Hyung Keun Jee, Joo Young Lee, Do Won Hong
- Issue Date
- 2008-01
- Citation
- International Conference on Forensic Applications and Techniques in Telecommunications, Information, and Multimedia and Workshop (e-Forensics) 2008, pp.1-4
- Language
- English
- Type
- Conference Paper
- Abstract
- The most common forensic activity is searching a hard disk for string of data. Nowadays, investigators and analysts are increasingly experiencing large, even terabyte sized data sets when conducting digital investigations. Therefore consecutive searching can take weeks to complete successfully. There are two primary search methods: index-based search and bitwise search. Index-based searching is very fast after the initial indexing but initial indexing takes a long time. In this paper, we discuss a high speed bitwise search model for large-scale digital forensic investigations. We used pattern matching board, which is generally used for network security, to search for string and complex regular expressions. Our results indicate that in many cases, the use of pattern matching board can substantially increase the performance of digital forensic search tools.
- KSP Keywords
- Data sets, Hard disks, High Speed, Index-based, Long time, Search model, digital forensic investigation, large-scale, network Security, pattern matching, regular expressions