Abstract
We present FAST (Forensic Analysis of Sensitive Traces), a novel, highly efficient architecture for high-performance big data forensics on heterogeneous (CPU- and GPU-based) systems. Our model uses a highly compact storage format for the widely known Aho-Corasick algorithm [1], together with a partial pruning mechanism, to keep the memory footprint as low as possible while maximizing throughput. We compare our performance with classic methods used in data forensics and observe significant memory footprint improvements, as well as massive throughput improvements across all stages of big data processing.
References
Aho, A., Corasick, M.: Efficient string matching: an aid to bibliographic search. Commun. ACM 18(6), 333–340 (1975)
Malwadkar, A., Patil, S.: Data mining techniques for digital forensic analysis. Int. J. Recent Innov. Trends Comput. Commun. 4(3), 17–22 (2016)
Baggili, I., Breitinger, F.: Data sources for advancing cyber forensics: what the social world has to offer. In: 2015 AAAI Spring Symposium Series. AAAI Publications (2015)
Mercedes, B., Mariela, L.: Solving a big-data problem with GPU: the network traffic analysis. J. Comput. Sci. Technol. 15(1), 30–39 (2015). ISSN 1666–6038
Achile, M., Roger, A.: Obtaining digital evidence from intrusion detection systems. Int. J. Comput. Appl. 95(12), 34–41 (2014). (0975 8887)
Pilli, E., Joshi, R., Niyogi, R.: A framework for network forensic analysis. In: Information and Communication Technologies. ICT: Communications in Computer and Information Science, vol. 101. Springer, Berlin, Heidelberg (2010)
Breeuwsma, M., et al.: Forensic data recovery from flash memory. Small Scale Digit. Device Forensics J. 1(1), 1–17 (2007)
Al-Alawi, A.: Cybercrimes, computer forensics and their impact in business climate: Bahrain status. Res. J. Bus. Manage. 8, 139–156 (2014)
AccessData, F.T.K.: Forensic Toolkit. http://accessdata.com/products-services/forensic-toolkit-ftk
FileSig Software, SimpleCarver. http://www.simplecarver.com/
Scalpel: Scalpel. https://github.com/sleuthkit/scalpel
Pontello, M.: TrID - File Identifier. http://mark0.net/soft-trid-e.html
NVIDIA, NVIDIA CUDA Compute Unified Device Architecture Programming Guide, version 4.1. http://developer.download.nvidia.com/compute/DevZone/docs/html/C/doc/CUDA_C_Programming_Guide.pdf
Pungila, C., Reja, M., Negru, V.: Efficient parallel automata construction for hybrid resource-impelled data-matching. Future Gener. Comput. Syst. 36, 31–41 (2013). ISSN 0167-739X
Pungila, C., Negru, V.: A highly-efficient memory-compression approach for GPU-accelerated virus signature matching. In: Information Security Conference (ISC) (2012)
Pungila, C., Negru, V.: Real-time polymorphic Aho-Corasick automata for heterogeneous malicious code detection. In: International Joint Conference SOCO 2013-CISIS 2013-ICEUTE 2013. Advances in Intelligent Systems and Computing, Series no. 239, pp. 439–448. Springer (2014)
Acknowledgment
This work was partially supported by the VI-SEEM H2020-EINFRA 675121 grant and InnoHPC Interreg - Danube Transnational Programme grant. The views expressed in this paper do not necessarily reflect those of the corresponding projects consortium members.
Copyright information
© 2018 Springer International Publishing AG
About this paper
Cite this paper
Pungila, C., Negru, V. (2018). FAST: A High-Performance Architecture for Heterogeneous Big Data Forensics. In: Pérez García, H., Alfonso-Cendón, J., Sánchez González, L., Quintián, H., Corchado, E. (eds) International Joint Conference SOCO’17-CISIS’17-ICEUTE’17 León, Spain, September 6–8, 2017, Proceeding. Advances in Intelligent Systems and Computing, vol 649. Springer, Cham. https://doi.org/10.1007/978-3-319-67180-2_60
DOI: https://doi.org/10.1007/978-3-319-67180-2_60
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-67179-6
Online ISBN: 978-3-319-67180-2
eBook Packages: Engineering, Engineering (R0)