Wednesday, November 20, 2019
Data Compression Algorithms.Use of Compression Algorithms in Forensics Essay
Data Compression Algorithms.Use of Compression Algorithms in Forensics - Essay Example Therefore, each algorithm has a number of strengths as well as weaknesses. The compression algorithms are also commonly used in forensics. These algorithms are used to reduce space amount required to store data on the computer hard disk. Usually, these algorithms are employed on the large files so that their size may be reduced. Mainly, there are two types of the compression algorithms include: lossless and lossy algorithms. The lossless compression algorithms have been developed to compress the data with hundred percent (100%) original data reconstruction from the compressed data. In these algorithms, you do not lose any data, as it preserves all the data as it is in novel form. For compressing the text or images, the algorithms that are used include: LZW, Borrows-Wheeler transform and LZ77 and Prediction by Partial Matching (also known as PPM). General purpose lossless compression algorithm include: run-length encoding, Lempel-Ziv 1978 (LZ78) and Lempel-Ziv-Welch (LZW). On the othe r hand, the lossy compression algorithms are mostly used to compress audio and video data or files. These algorithms are used to endeavour reducing or even eliminating the superfluous or redundant information from the video or audio files. Typically, the lossy algorithms or techniques attain a advanced level of compression by plummeting the by and large quality of the sound or image. In order to compress an image, the lossy algorithms that are used include: Wavelet Compression, block truncation coding, fractal compression, etc. Whereas, for video files, the algorithms include: DV, MPEG (I to IV), etc. and for the audio file famous techniques are MP3, MP2, AAC etc. Use of Compression Algorithms in Forensics The data compression algorithms are commonly used in forensics tools to get help during electronic investigations. There are a number of implications for the forensic inspector during an analysis or investigation these include: only the lossless compression can be utilized in fore nsics analysis, however, lossy compression cannot be used because it alters the original data but through the hash collisions , a compressed folder or file could be in a combination of both compressed and uncompressed data, it is recommended that the text file or data can always be compressed or decompressed by the lossless algorithms as a word document may contains a number of documents, therefore it is critical to lose any document. It should be kept in mind that if a Word document presents on hard disk in a compressed structure, when deleted then it resides in its compressed form. Therefore, searching a hard disk intended for a keyword will not get any result if the keyword only contained by the compressed deleted file. Whereas, on the other hand, an image file such as the JPEG has already been compressed in high format, therefore, it will yield deprived compression. In fact jpgââ¬â¢s usually have a compressed first cluster (this normally contains manufacturers info) followed by uncompressed clusters and compression units. It should be known to the forensic examiner that decompressing a file without remedy to the files Master File Table (MFT) record might not be achievable i.e. the only sign of whether a compression run has been compressed is within the MFT. It means that if a record of a file named ââ¬Ëdocumentââ¬â¢ is not available in the MFT, the operations of decompressing the file or extracting the compressed file may not be successful. PST Viewer According to the Forensic Control Limited in June 2012, the top (10) free computer forensic software are OSForensics, FTK Imager, Forensic Image Viewer, FoxAnalysis, Mail Viewer, PST Viewer, USB Write Blocker, P2 Explorer, Encrypted Disk Detector, and Dumplt. From the above most famous forensic software I have
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.