Distinct Sector Hashes for Target File Detection

Joel Young; Kevin Fairbanks; Kristina Foster; Simson Garfinkel

doi:10.1109/MC.2012.327

Computer
2012
Issue No. 12 - Dec.
Abstract - Distinct Sector Hashes for Target File Detection

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/EndNote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Joel Young Articles by Kristina Foster Articles by Simson Garfinkel Articles by Kevin Fairbanks

Distinct Sector Hashes for Target File Detection

Dec. 2012 (vol. 45 no. 12)

pp. 28-35

	ASCII Text	x
	Joel Young, Kristina Foster, Simson Garfinkel, Kevin Fairbanks, "Distinct Sector Hashes for Target File Detection," Computer, vol. 45, no. 12, pp. 28-35, Dec., 2012.

	BibTex	x
	@article{ 10.1109/MC.2012.327, author = {Joel Young and Kristina Foster and Simson Garfinkel and Kevin Fairbanks}, title = {Distinct Sector Hashes for Target File Detection}, journal ={Computer}, volume = {45}, number = {12}, issn = {0018-9162}, year = {2012}, pages = {28-35}, doi = {http://doi.ieeecomputersociety.org/10.1109/MC.2012.327}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - MGZN JO - Computer TI - Distinct Sector Hashes for Target File Detection IS - 12 SN - 0018-9162 SP28 EP35 EPD - 28-35 A1 - Joel Young, A1 - Kristina Foster, A1 - Simson Garfinkel, A1 - Kevin Fairbanks, PY - 2012 KW - Digital forensics KW - Malware KW - Computers KW - Forensics KW - File systems KW - Cryptography KW - sector hashing KW - digital forensics KW - computer security VL - 45 JA - Computer ER -

Joel Young, Naval Postgraduate School

Kristina Foster, Naval Postgraduate School

Simson Garfinkel, Naval Postgraduate School

Kevin Fairbanks, Johns Hopkins University

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MC.2012.327

Using an alternative approach to traditional file hashing, digital forensic investigators can hash individually sampled subject drives on sector boundaries and then check these hashes against a prebuilt database, making it possible to process raw media without reference to the underlying file system.

Index Terms:

Digital forensics,Malware,Computers,Forensics,File systems,Cryptography,sector hashing,digital forensics,computer security

Citation:

Joel Young, Kristina Foster, Simson Garfinkel, Kevin Fairbanks, "Distinct Sector Hashes for Target File Detection," Computer, vol. 45, no. 12, pp. 28-35, Dec. 2012, doi:10.1109/MC.2012.327

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.