OpenForensics: a digital forensics GPU pattern matching approach for the 21st century

Research output: Contribution to journalConference article

19 Downloads (Pure)

Abstract

Pattern matching is a crucial component employed in many digital forensic (DF) analysis techniques, such as file-carving. The capacity of storage available on modern consumer devices has increased substantially in the past century, making pattern matching approaches of current generation DF tools increasingly ineffective in performing timely analyses on data seized in a DF investigation. As pattern matching is a trivally parallelisable problem, general purpose programming on graphic processing units (GPGPU) is a natural fit for this problem. This paper presents a pattern matching framework - OpenForensics - that demonstrates substantial performance improvements from the use of modern parallelisable algorithms and graphic processing units (GPUs) to search for patterns within forensic images and local storage devices.
Original languageEnglish
Pages (from-to)S29-S37
Number of pages9
JournalDigital Investigation
Volume24
Issue numberSuppl.
Early online date21 Mar 2018
DOIs
Publication statusPublished - Mar 2018
EventDFRWS EU 2018 - Convitto della Calza - Oltrarno Meeting Center, Florence, Italy
Duration: 21 Mar 201823 Mar 2018
http://www.dfrws.org/conferences/dfrws-eu-2018

Fingerprint

Pattern matching
Equipment and Supplies
programming
Digital forensics
Graphics processing unit
performance

Cite this

@article{a6664c392b354a9bb7b1f4b38e519c81,
title = "OpenForensics: a digital forensics GPU pattern matching approach for the 21st century",
abstract = "Pattern matching is a crucial component employed in many digital forensic (DF) analysis techniques, such as file-carving. The capacity of storage available on modern consumer devices has increased substantially in the past century, making pattern matching approaches of current generation DF tools increasingly ineffective in performing timely analyses on data seized in a DF investigation. As pattern matching is a trivally parallelisable problem, general purpose programming on graphic processing units (GPGPU) is a natural fit for this problem. This paper presents a pattern matching framework - OpenForensics - that demonstrates substantial performance improvements from the use of modern parallelisable algorithms and graphic processing units (GPUs) to search for patterns within forensic images and local storage devices.",
author = "Ethan Bayne and Ferguson, {R. I.} and Sampson, {A. T.}",
year = "2018",
month = "3",
doi = "10.1016/j.diin.2018.01.005",
language = "English",
volume = "24",
pages = "S29--S37",
journal = "Digital Investigation",
issn = "1742-2876",
publisher = "Elsevier Limited",
number = "Suppl.",

}

OpenForensics : a digital forensics GPU pattern matching approach for the 21st century. / Bayne, Ethan; Ferguson, R. I.; Sampson, A. T.

In: Digital Investigation, Vol. 24, No. Suppl., 03.2018, p. S29-S37.

Research output: Contribution to journalConference article

TY - JOUR

T1 - OpenForensics

T2 - a digital forensics GPU pattern matching approach for the 21st century

AU - Bayne, Ethan

AU - Ferguson, R. I.

AU - Sampson, A. T.

PY - 2018/3

Y1 - 2018/3

N2 - Pattern matching is a crucial component employed in many digital forensic (DF) analysis techniques, such as file-carving. The capacity of storage available on modern consumer devices has increased substantially in the past century, making pattern matching approaches of current generation DF tools increasingly ineffective in performing timely analyses on data seized in a DF investigation. As pattern matching is a trivally parallelisable problem, general purpose programming on graphic processing units (GPGPU) is a natural fit for this problem. This paper presents a pattern matching framework - OpenForensics - that demonstrates substantial performance improvements from the use of modern parallelisable algorithms and graphic processing units (GPUs) to search for patterns within forensic images and local storage devices.

AB - Pattern matching is a crucial component employed in many digital forensic (DF) analysis techniques, such as file-carving. The capacity of storage available on modern consumer devices has increased substantially in the past century, making pattern matching approaches of current generation DF tools increasingly ineffective in performing timely analyses on data seized in a DF investigation. As pattern matching is a trivally parallelisable problem, general purpose programming on graphic processing units (GPGPU) is a natural fit for this problem. This paper presents a pattern matching framework - OpenForensics - that demonstrates substantial performance improvements from the use of modern parallelisable algorithms and graphic processing units (GPUs) to search for patterns within forensic images and local storage devices.

U2 - 10.1016/j.diin.2018.01.005

DO - 10.1016/j.diin.2018.01.005

M3 - Conference article

VL - 24

SP - S29-S37

JO - Digital Investigation

JF - Digital Investigation

SN - 1742-2876

IS - Suppl.

ER -