Difference between pages "File Format Identification" and "User:Johny Ryder"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(Bibliography)
 
m
 
Line 1: Line 1:
File Format Identification is the process of figuring out the format of a sequence of bytes. Operating systems typically do this by file extension or by embedded MIME information. Forensic applications need to identify file types by content.
+
Data expert, tech lover, privacy protector. I started using computers and the internet early 1994. And I can not imagine how I would ever be able to communicate with my friends and family without these products.
  
=Tools=
+
It is great to be able to share through the internet. But (semi) public sharing has its downsides too. I like to read about and work on keeping the protection of private information something individuals can control themselves.
==libmagic==
+
* Written in C.  
+
* Rules in /usr/share/file/magic and compiled at runtime.
+
* Powers the Unix “file” command, but you can also call the library directly from a C program.
+
* http://sourceforge.net/projects/libmagic
+
  
==DROID==
+
But sometimes it is good that there are forensic tools available. Just as long these tools are used properly. I hope people are aware of the possibilities to protect their privacy, and protectors of the public domain are aware of the forensic tools available, and use them properly.
* Writen in Java
+
* Developed by National Archives of the United Kingdom.
+
* http://droid.sourceforge.net
+
  
==TrID==
+
I hereby license all my contributions to this wiki under the Creative Commons Attribution-ShareAlike 2.5 license.
* XML config file
+
* Closed source; free for non-commercial use
+
* http://mark0.net/soft-trid-e.html
+
 
+
==Stellent/Oracle Outside-In==
+
* Proprietary but free demo.
+
* http://www.oracle.com/technology/products/content-management/oit/oit_all.html
+
 
+
[[Category:Tools]]
+
 
+
=Bibliography=
+
Current research papers on the file format identification problem. Most of these papers concern themselves with identifying file format of a few file sectors, rather than an entire file.
+
 
+
* Mason McDaniel, Automatic File Type Detection Algorithm, Masters Thesis, James Madison University,2001
+
 
+
* [http://www2.computer.org/portal/web/csdl/abs/proceedings/hicss/2003/1874/09/187490332a.pdf Content Based File Type Detection Algorithms], Mason McDaniel and M. Hossain Heydari, 36th Annual Hawaii International Conference on System Sciences (HICSS'03) - Track 9, 2003.
+
 
+
* [http://www1.cs.columbia.edu/ids/publications/FilePrintPaper-revised.pdf Fileprints: identifying file types by n-gram analysis], LiWei-Jen, Wang Ke, Stolfo SJ, Herzog B..,  IProceeding of the 2005 IEEE workshop on information assurance; 2005 [http://www.itoc.usma.edu/workshop/2005/Papers/Follow%20ups/FilePrintPresentation-final.pdf [slides]]
+
 
+
* [http://ieeexplore.ieee.org/iel5/10992/34632/01652088.pdf  File type identification of data fragments by their binary structure. ], Karresand Martin, Shahmehri Nahid. Proceedings of the IEEE workshop on information assurance; 2006. p. 140–7. [http://www.itoc.usma.edu/workshop/2006/Program/Presentations/IAW2006-07-3.pdf [slides]]
+
 
+
* FORSIGS; Forensic Signature Analysis of the Hard Drive for Multimedia File Fingerprints, John Haggerty and Mark Taylor, IFIP TC11 International Information Security Conference, 2006, Sandton, South Africa.
+
 
+
* [https://www.cerias.purdue.edu/tools_and_resources/bibtex_archive/archive/2007-19.pdf Using Artificial Neural Networks for Forensic File Type Identification], Ryan M. Harris, Master's Thesis, Purdue University, May 2007
+
 
+
* [http://www.dfrws.org/2008/proceedings/p14-calhoun.pdf Predicting the Types of File Fragments], William Calhoun, Drue Coles, DFRWS 2008 [http://www.dfrws.org/2008/proceedings/p14-calhoun_pres.pdf [slides]]
+
 
+
* [http://www.micsymposium.org/mics_2005/papers/paper7.pdf File Type Detection Technology], Douglas J. Hickok, Daine Richard Lesniak, Michael C. Rowe, 2005 Midwest Instruction and Computing Symposium.
+
 
+
* Karresand and Shahmehri, 2006 Martin Karresand and Nahid Shahmehri, Oscar – file type identification of binary data in disk clusters and RAM pages, IFIP security and privacy in dynamic environments vol. 201 (2006) p. 413–424.  
+
 
+
[[Category:Bibliography]]
+

Revision as of 05:04, 23 December 2011

Data expert, tech lover, privacy protector. I started using computers and the internet early 1994. And I can not imagine how I would ever be able to communicate with my friends and family without these products.

It is great to be able to share through the internet. But (semi) public sharing has its downsides too. I like to read about and work on keeping the protection of private information something individuals can control themselves.

But sometimes it is good that there are forensic tools available. Just as long these tools are used properly. I hope people are aware of the possibilities to protect their privacy, and protectors of the public domain are aware of the forensic tools available, and use them properly.

I hereby license all my contributions to this wiki under the Creative Commons Attribution-ShareAlike 2.5 license.