Centro de Documentação da PJ
Analítico de Periódico
CD 335
File type identification tools for digital investigations [Recurso eletrónico] / Adrien Dubettier ..[et al.]
Forensic Science International: Digital Investigation, Vol. 46 (September 2023), 10 p.
Ficheiro de 1,27 MB em formato PDF.
INFORMÁTICA FORENSE, PROCESSAMENTO DE DADOS, PROVA DIGITAL, TRATAMENTO DA INFORMAÇÃO
Digital forensics is the process of identifying, preserving, analyzing, and documenting digital evidence for investigation purposes. Building or using file analysis tools is of great interest for a forensic expert to collect high-level information in a short time. In this paper, we consider the examination of files contained in digital media, especially files with possible incorrect types. This often reveals a simple way to hide sensitive content such as porn images, passwords, or accounts. Many commercial and free forensic tools are available for file type identification (FTI). In this work, we assess the performance of ten of them on two significant datasets and scenarios. The main issue we address is the relevance of the tools for forensic purposes. The underlying question is: do expectations meet reality? Our experiments highlight the significant disparity in the accuracy and behavior of the studied tools.
