A scalable file based data store for forensic analysis. (March 2015)
- Record Type:
- Journal Article
- Title:
- A scalable file based data store for forensic analysis. (March 2015)
- Main Title:
- A scalable file based data store for forensic analysis
- Authors:
- Cruz, Flavio
Moser, Andreas
Cohen, Michael - Abstract:
- Abstract: In the field of remote forensics, the GRR Response Rig has been used to access and store data from thousands of enterprise machines. Handling large numbers of machines requires efficient and scalable storage mechanisms that allow concurrent data operations and efficient data access, independent of the size of the stored data and the number of machines in the network. We studied the available GRR storage mechanisms and found them lacking in both speed and scalability. In this paper, we propose a new distributed data store that partitions data into database files that can be accessed independently so that distributed forensic analysis can be done in a scalable fashion. We also show how to use the NSRL software reference database in our scalable data store to avoid wasting resources when collecting harmless files from enterprise machines.
- Is Part Of:
- Digital investigation. Volume 12(2015)Supplement 1
- Journal:
- Digital investigation
- Issue:
- Volume 12(2015)Supplement 1
- Issue Display:
- Volume 12, Issue 1 (2015)
- Year:
- 2015
- Volume:
- 12
- Issue:
- 1
- Issue Sort Value:
- 2015-0012-0001-0000
- Page Start:
- S90
- Page End:
- S101
- Publication Date:
- 2015-03
- Subjects:
- Distributed database -- Incident response -- Sqlite -- Evidence analysis -- Distributed computing
Forensic sciences -- Data processing -- Periodicals
Criminal investigation -- Data processing -- Periodicals
363.250285 - Journal URLs:
- http://www.sciencedirect.com/science/journal/17422876 ↗
http://www.elsevier.com/journals ↗ - DOI:
- 10.1016/j.diin.2015.01.016 ↗
- Languages:
- English
- ISSNs:
- 1742-2876
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 3588.396620
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 22608.xml