Abstract
With the rapid improvement of internet technology and the growing importance of privacy, security, and wise use of computational resources, the corresponding technologies increasingly face the problem of file type detection. Digital forensics deals with the investigation of digital evidence to enable investigators to establish the facts of offences. In digital forensics, there are numerous file formats in use, and criminals have started either using non-standard file formats or changing file extensions when storing files or transmitting them over a network. This makes recovering data from these files difficult. It also poses a very severe problem, since unauthorized users can send malicious data across the network, and it is essential to tackle this e-crime, which may harm the entire organization and network. File type detection is widely used and important for the proper functioning of operating systems, firewalls, intrusion detection systems, antivirus software, filters, steganalysis and computer forensics. Certain organizations may ban specific file formats on their intranet or e-mail services, so the technique of changing a file's extension before sending it has to be strictly monitored. Identifying the file format of a digital object will be a crucial function on ingest to a digital repository, thereby attaining improved security and fraud prevention. This paper focuses on identifying the true file type and detecting the presence of embedded data types to improve analysis efficiency in digital forensics.
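The two checks the abstract names, comparing a file's claimed extension with its true type and looking for embedded data types, are sketched below as an added example; it is not code from the paper, and the abstract does not state the paper's own method. Magic-number matching is assumed as the detection technique, and the signature subset, alias table, function names and sample bytes are all constructed for illustration.

```python
import os

# Well-known leading magic numbers (small illustrative subset, not exhaustive).
SIGNATURES = {
    "pdf": b"%PDF-",
    "png": b"\x89PNG\r\n\x1a\n",
    "jpg": b"\xff\xd8\xff",
    "gif": b"GIF8",
    "zip": b"PK\x03\x04",
    "exe": b"MZ",
}
# Extensions that legitimately share another type's signature (assumed table).
ALIASES = {"jpeg": "jpg", "docx": "zip", "xlsx": "zip", "jar": "zip", "dll": "exe"}

# Constructed samples: an executable renamed to .jpg, and a PDF carrying a ZIP.
RENAMED_EXE = b"MZ\x90\x00" + b"\x00" * 60
PDF_WITH_ZIP = b"%PDF-1.4\n" + b"x" * 20 + b"PK\x03\x04" + b"y" * 10


def true_type(data: bytes):
    """Return the type whose magic number starts the data, or None."""
    for ftype, magic in SIGNATURES.items():
        if data.startswith(magic):
            return ftype
    return None


def embedded_types(data: bytes, min_magic_len: int = 4):
    """Find signatures at non-zero offsets (candidate embedded objects)."""
    hits = []
    for ftype, magic in SIGNATURES.items():
        if len(magic) < min_magic_len:
            continue  # short magics such as "MZ" match by chance too often
        pos = data.find(magic, 1)
        while pos != -1:
            hits.append((pos, ftype))
            pos = data.find(magic, pos + 1)
    return sorted(hits)


def inspect(filename: str, data: bytes):
    """Compare the claimed extension with the detected type; list embedded types."""
    ext = os.path.splitext(filename)[1].lstrip(".").lower()
    claimed = ALIASES.get(ext, ext)
    detected = true_type(data)
    return {
        "claimed": claimed,
        "detected": detected,
        "masquerading": detected is not None and detected != claimed,
        "embedded": embedded_types(data),
    }
```

An unknown leading signature yields `detected` of `None` and is not reported as masquerading, so such files need a separate policy decision; an embedded hit is a lead for review, not proof of hidden content.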
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Dhanalakshmi, R., Chellappan, C. (2010). Detection and Recognition of File Masquerading for E-mail and Data Security. In: Meghanathan, N., Boumerdassi, S., Chaki, N., Nagamalai, D. (eds) Recent Trends in Network Security and Applications. CNSA 2010. Communications in Computer and Information Science, vol 89. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14478-3_26
DOI: https://doi.org/10.1007/978-3-642-14478-3_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-14477-6
Online ISBN: 978-3-642-14478-3
eBook Packages: Computer Science, Computer Science (R0)