![]() A modern cybersecurity mixed file data set called NapierOne is presented, primarily aimed at, but not limited to, ransomware detection and forensic analysis research. It was found when reviewing the ransomware detection research literature that almost no proposal provided enough detail on how the test data set was created, or sufficient description of its actual content, to allow it to be recreated by other researchers interested in reconstructing their environment and validating the research results. An investigator could, therefore, search for the unique characteristics to identify a JPEG fragment during a digital investigation process. Specifically, the initial results from the experiment show that JPEG 8 × 8 blocks have unique characteristics which can be leveraged for digital forensics. The experimental result that was conducted with 21 images of JFIF format with 1008 blocks shows the efficacy of the proposed technique. This study develops a technique that can identify the unique signature of JPEG 8 × 8 blocks using the Error Level Analysis technique, implemented in MATLAB. Existing works have exhibited a high false-positive rate, therefore rendering the need for manual validation. Whilst there exist several challenges, this paper focuses on the challenge of determining the coexistence of JPEG fragments within various file fragment types. Of interest has been fragmented file carving and recovery which forms a major aspect of digital forensics research on JPEG files. The popularity of unique image compression features of image files opens an interesting research analysis process, given that several digital forensics cases are related to diverse file types.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |