Abstract

An algorithm that has been developed for keyword searching on forensic images is something that isn’t widely dispersed within the forensic community, due to minimal research and literature being carried out and applied within this topic area. This research aims to build upon this by developing and enhancing the efficiency of keyword search through the creation of an algorithm.This has been tested against forensic image formats with the implementation of a scientific method. With the approach demonstrating the efficiency of an algorithm which uses parallel keyword searching to locate a keyword, this has been implemented within the algorithm that has been have created. The results collected are then cross compared against the timings of open source software tools that are developed for the keyword searching of a forensic image.

References

• 27037:2012, I. (2017) ISO/IEC 27037:2012 - Information technology -- Security techniques -- Guidelines for identification, collection, acquisition and preservation of digital evidence. [Online] Available from: https://www.iso.org/standard/44381.html [Accessed 13/11/2017]
• ABOU-ASSALEH, T. and AI, W. (2004) Survey of Global Regular Expression Print (GREP) Tools.
• ANDERSON, D. et al. (2016) An introduction to Management science. 15th ed. Boston: Cengage
• ARY, D. et al. (2018) Introduction to Research in Education. 10th ed. Cengage
• Association of Chief Police Officers (ACPO) (2013) ACPO Guidelines on Computer Based Electronic Evidence. [Online] Available from: http://www.digital-detective.net/digital-forensics-documents/ACPO_Good_Practice_Guide_for_Digital_Evidence_v5.pdf [Accessed 13/11/2017]
• BABU, J. and SUMATHI, K. (2014) An Approach to Improve Computer Forensic Analysis via Document Clustering Alogrithms. 2nd ed. International Journal of Innovative Research in Computer and Communication Engineering
• BASIAS, N. and POLLALIS, Y. (2018) Quantitative and Qualitative Research in Business & Technology: Justifying a Suitable Research Methodology. Available from http://sibresearch.org/uploads/3/4/0/9/34097180/riber_7-s1_sp_h17-083_91-105.pdf
• BEM, D. et al. (2008) Computer Forensics- Past, Present and Future. Journal of Information Science and Technologyp.44
• CARRIER, B. (2017) Autopsy. [Online] Available from: https://www.sleuthkit.org/autopsy/ [Accessed 9/2/2018]
• CASEY, E. and BRENNER, S. (2011) Digital evidence and computer crime: Forensic Science, Computers, and the Internet by Eoghan Casey. 3rd ed. Waltham, MA: Academic Press
• COHEN, L., MANION, L. and MORRISON, K. (2013) Research methods in education. 7th ed. Routledge
• COHEN, M., GARFINKEL, S. and SCHATZ, B. (2009) Extending the advanced forensic format to accommodate multiple data sources, logical evidence, arbitrary information and forensic workflow. Digital InvestigationVol. 6 , pp.S57-S68
• COONS, P. (2014) 3 Methods of Forensic Imaging. [Online] Available from: http://www.d4discovery.com/discover-more/3-methods-of-forensic-imaging#sthash.PWvsjHdS.dpbs [Accessed 5/4/2018]
• CRAWFORD and STUCKI. (1990) Peer review and the changing research record. Journal of the American Society for Information ScienceVol. 41 (3), pp.223-228
• DECHERCHI, S. et al. (2010) Text Clustering for Digital Forensic Analysis.
• DECHERCHI, S. et al. (2009) Text Clustering for Digital Forensics Analysis. Advances in Intelligent and Soft Computingpp.29-36
• DME Forensics (2014) Forensic Images for DVR Analysis - E01 or DD. [weblog] DME Forensics. Available from: http://info.dmeforensics.com/blog/forensic-images-for-dvr-analysis-e01-or-dd/ [Accessed 10/3/2018]
• dtSearch (2018)– Text Retrieval / Full Text Search Engine. [Online] Available from: https://www.dtsearch.com/ [Accessed 9/2/2018]
• ELLINGWOOD, J. (2013) Using Grep & Regular Expressions to Search for Text Patterns in Linux | DigitalOcean. [Online] Available from: https://www.digitalocean.com/community/tutorials/using-grep-regular-expressions-to-search-for-text-patterns-in-linux [Accessed 13/3/2018]
• Github (2018) Sepero/SearchBin. [Online] Available from: https://github.com/Sepero/SearchBin/blob/master/searchbin.py [Accessed 13/3/2018]
• Golov, N. and Rönnbäck, L., 2015, October. Big data normalization for massively parallel processing databases. In International Conference on Conceptual Modeling (pp. 154-163). Springer, Cham.