File Format Identification

Abstract

Digital forensics examiners acquire large numbers of files as they carry out their investigations. Effective exploitation of the files found on seized media depends upon accurate file format identification. However, file format identification is a hard problem. Existing tools and techniques fail to identify all of the files that an investigator may have interest in. This paper describes the state of the art in file format identification, existing tools and evaluations thereof, and some of the new techniques developed for the File Format Identification MITRE Sponsored Research project.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2010
Accession Number
AD1108260

Entities

People

  • Kent Vidrine

Organizations

  • MITRE Corporation

Tags

Communities of Interest

  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Computational Forensics
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Corporations
  • Errors
  • Fingerprints
  • Identification
  • Language
  • Natural Languages
  • Operating Systems
  • Personal Computers
  • Programming Languages
  • Prototypes
  • Recognition
  • Robotics
  • Sequences
  • Statistical Analysis
  • Test Sets

Fields of Study

  • Engineering

Readers

  • Database Systems and Applications
  • Systems Analysis and Design