Kamaruddin Malik, Mohamad and Herawan, Tutut and Mustafa, Mat Deris (2011) Detecting JFIF header using FORHEADER. International Journal of Security and its Applications, 5 (4). pp. 23-36. ISSN 1738-9976. (Published)
|
Pdf
Detecting JFIF header using FORHEADER.pdf Download (265kB) | Preview |
Abstract
Header and footer are important in digital investigation for JPEG file detection as only 16% of files are fragmented. The use of efficient algorithm to detect them is vital to reduce time taken for analyzing ever increasing data in hard drive or physical memory. Even though there are few applications developed for file carving that rely on header and footer e.g. Foremost, Scalpel; however the algorithm used for header detection is not much discussed. In this paper, we introduce three novel algorithms; single-byte-marker, dual-byte-marker and 20-point-reference for JPEG File Interchange Format (JFIF) header detection using a newly introduced FORHEADER model. Three experiments have been carried out using an image from hard disk and physical memory; and raw data from Digital Workshop Forensics Research Workshop 2006 (DFRWS 2006) challenge. The results obtained showed that dualbyte-marker algorithm provides better performance in terms of processing time for JFIF header detection.
| Item Type: | Article |
|---|---|
| Additional Information: | Indexed by Scopus |
| Uncontrolled Keywords: | File carving; Digital forensics; JFIF detection; JPEG |
| Subjects: | Q Science > QA Mathematics > QA76 Computer software |
| Faculty/Division: | Faculty of Computer System And Software Engineering |
| Depositing User: | Mrs. Neng Sury Sulaiman |
| Date Deposited: | 11 Feb 2020 07:27 |
| Last Modified: | 11 Feb 2020 07:27 |
| URI: | http://umpir.ump.edu.my/id/eprint/25589 |
| Download Statistic: | View Download Statistics |
Actions (login required)
 |
View Item |