File Type Identification - Computational Intelligence for Digital Forensics

Konstantinos Karampidis, Giorgos Papadourakis
2017 Journal of Digital Forensics, Security and Law  
In modern world, the use of digital devices for leisure or professional reasons is growing quickly; nevertheless, criminals try to fool authorities and hide evidence in a computer by changing the file type. File type detection is a very demanding task for a digital forensic examiner. In this paper, a new methodology is proposed -in a digital forensics perspective-to identify altered file types with high accuracy by employing computational intelligence techniques. The proposed methodology is
more » ... ied to the three most common image file types (jpg, png and gif) as well as to uncompressed tiff images. A three-stage process involving feature extraction (Byte Frequency Distribution), feature selection (genetic algorithm) and classification (neural network) is proposed. Experimental results were conducted having files altered in a digital forensics perspective and the results are presented. The proposed model shows very high and exceptional accuracy in file type identification.
doi:10.15394/jdfsl.2017.1472 fatcat:7m4brsl7wfavrhmrhawurvsope