ITWS and CS Colloquium - Simson Garfinkel Talk Rescheduled for February 21st, 2014 at 3:30 PM in DCC 337
JOINT COLLOQUIUM INFORMATION TECHNOLOGY AND WEB SCIENCE (ITWS) AND COMPUTER SCIENCE (CSCI) Prof. Simson L. Garfinkel Naval Postgraduate School Arlington, Virginia Digital Forensics Innovation: Searching A Terabyte of Data in 10 minutes Most digital forensics tools follow a simple model of “visibility, filter and report” – the tool extracts all of the information on a subject’s disk drive, this information is filtered according to search terms, and finally a detailed report is created by a trained examiner. The problem with this model is that it cannot keep up with the growing amount of storage on desktops and in the cloud, the increasing diversity of data formats, or the growing perniciousness of malware. This talk presents a new approach that allows rapid triage of digital storage devices using random sampling, bulk data analysis, and the presence of distinct, recognizable sectors that are commonly found in user-generated documents, multimedia, and encrypted files. It