An efficient method of extracting strings from unfixed-form data

Sangjun Jeon; Jungheum Park; Keun Gi Lee; Sangjin Lee

doi:10.1007/978-94-007-4516-2_43

An efficient method of extracting strings from unfixed-form data

Sangjun Jeon, Jungheum Park, Keun Gi Lee, Sangjin Lee

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

As all the society becomes computerized, there increases computerized data, and for digital forensic investigations, there is a great deal of unfixed-form data collected, whose exact forms are difficult to figure out, such as physical memory or page files. The most efficient method for investigating unfixed-form data is to extract strings. In case of document files, strings extracted from unfixed-form data come to include contents of the relevant documents, and in case of physical memory or page files, they can even include passwords that users have entered in addition to traces of users' using a messenger or a web page. Although extracting strings plays an important role in investigating unfixed-form data like this, the present method of extracting string includes a number of meaningless strings, while being carried out without considering the Unicode environment properly. Accordingly, this thesis intends to suggest a way of excluding meaningless strings effectively while considering the Unicode environment during the process of extracting strings.

Original language	English
Title of host publication	Future Information Technology, Application, and Service, FutureTech 2012
Pages	425-434
Number of pages	10
Edition	VOL. 1
DOIs	https://doi.org/10.1007/978-94-007-4516-2_43
Publication status	Published - 2012
Event	7th FTRA International Conference on Future Information Technology, FutureTech 2012 - Vancouver, BC, Canada Duration: 2012 Jun 26 → 2012 Jun 28

Publication series

Name	Lecture Notes in Electrical Engineering
Number	VOL. 1
Volume	164 LNEE
ISSN (Print)	1876-1100
ISSN (Electronic)	1876-1119

Other

Other	7th FTRA International Conference on Future Information Technology, FutureTech 2012
Country/Territory	Canada
City	Vancouver, BC
Period	12/6/26 → 12/6/28

Keywords

Pagefile
String
Unallocated space

ASJC Scopus subject areas

Industrial and Manufacturing Engineering

Access to Document

10.1007/978-94-007-4516-2_43

Cite this

An efficient method of extracting strings from unfixed-form data. / Jeon, Sangjun; Park, Jungheum; Lee, Keun Gi et al.
Future Information Technology, Application, and Service, FutureTech 2012. VOL. 1. ed. 2012. p. 425-434 (Lecture Notes in Electrical Engineering; Vol. 164 LNEE, No. VOL. 1).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Jeon, S, Park, J, Lee, KG & Lee, S 2012, An efficient method of extracting strings from unfixed-form data. in Future Information Technology, Application, and Service, FutureTech 2012. VOL. 1 edn, Lecture Notes in Electrical Engineering, no. VOL. 1, vol. 164 LNEE, pp. 425-434, 7th FTRA International Conference on Future Information Technology, FutureTech 2012, Vancouver, BC, Canada, 12/6/26. https://doi.org/10.1007/978-94-007-4516-2_43

@inproceedings{0e23d2833a9c49cb8ce5bca5cbaa569e,

title = "An efficient method of extracting strings from unfixed-form data",

abstract = "As all the society becomes computerized, there increases computerized data, and for digital forensic investigations, there is a great deal of unfixed-form data collected, whose exact forms are difficult to figure out, such as physical memory or page files. The most efficient method for investigating unfixed-form data is to extract strings. In case of document files, strings extracted from unfixed-form data come to include contents of the relevant documents, and in case of physical memory or page files, they can even include passwords that users have entered in addition to traces of users' using a messenger or a web page. Although extracting strings plays an important role in investigating unfixed-form data like this, the present method of extracting string includes a number of meaningless strings, while being carried out without considering the Unicode environment properly. Accordingly, this thesis intends to suggest a way of excluding meaningless strings effectively while considering the Unicode environment during the process of extracting strings.",

keywords = "Pagefile, String, Unallocated space",

author = "Sangjun Jeon and Jungheum Park and Lee, {Keun Gi} and Sangjin Lee",

note = "Funding Information: This research was supported by Bio R&D program through the National Research Foundation of Korea funded by the Ministry of Education, Science and Technology (2011-0027732).; 7th FTRA International Conference on Future Information Technology, FutureTech 2012 ; Conference date: 26-06-2012 Through 28-06-2012",

year = "2012",

doi = "10.1007/978-94-007-4516-2_43",

language = "English",

isbn = "9789400745155",

series = "Lecture Notes in Electrical Engineering",

number = "VOL. 1",

pages = "425--434",

booktitle = "Future Information Technology, Application, and Service, FutureTech 2012",

edition = "VOL. 1",

}

TY - GEN

T1 - An efficient method of extracting strings from unfixed-form data

AU - Jeon, Sangjun

AU - Park, Jungheum

AU - Lee, Keun Gi

AU - Lee, Sangjin

N1 - Funding Information: This research was supported by Bio R&D program through the National Research Foundation of Korea funded by the Ministry of Education, Science and Technology (2011-0027732).

PY - 2012

Y1 - 2012

N2 - As all the society becomes computerized, there increases computerized data, and for digital forensic investigations, there is a great deal of unfixed-form data collected, whose exact forms are difficult to figure out, such as physical memory or page files. The most efficient method for investigating unfixed-form data is to extract strings. In case of document files, strings extracted from unfixed-form data come to include contents of the relevant documents, and in case of physical memory or page files, they can even include passwords that users have entered in addition to traces of users' using a messenger or a web page. Although extracting strings plays an important role in investigating unfixed-form data like this, the present method of extracting string includes a number of meaningless strings, while being carried out without considering the Unicode environment properly. Accordingly, this thesis intends to suggest a way of excluding meaningless strings effectively while considering the Unicode environment during the process of extracting strings.

AB - As all the society becomes computerized, there increases computerized data, and for digital forensic investigations, there is a great deal of unfixed-form data collected, whose exact forms are difficult to figure out, such as physical memory or page files. The most efficient method for investigating unfixed-form data is to extract strings. In case of document files, strings extracted from unfixed-form data come to include contents of the relevant documents, and in case of physical memory or page files, they can even include passwords that users have entered in addition to traces of users' using a messenger or a web page. Although extracting strings plays an important role in investigating unfixed-form data like this, the present method of extracting string includes a number of meaningless strings, while being carried out without considering the Unicode environment properly. Accordingly, this thesis intends to suggest a way of excluding meaningless strings effectively while considering the Unicode environment during the process of extracting strings.

KW - Pagefile

KW - String

KW - Unallocated space

UR - http://www.scopus.com/inward/record.url?scp=84867083532&partnerID=8YFLogxK

U2 - 10.1007/978-94-007-4516-2_43

DO - 10.1007/978-94-007-4516-2_43

M3 - Conference contribution

AN - SCOPUS:84867083532

SN - 9789400745155

T3 - Lecture Notes in Electrical Engineering

SP - 425

EP - 434

BT - Future Information Technology, Application, and Service, FutureTech 2012

T2 - 7th FTRA International Conference on Future Information Technology, FutureTech 2012

Y2 - 26 June 2012 through 28 June 2012

ER -

An efficient method of extracting strings from unfixed-form data

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this