Abstract
The use of efficient algorithm to detect JPEG file is vital to reduce time taken for analyzing ever increasing data in hard drive or physical memory. In the previous paper, single-byte-marker algorithm is proposed for header detection. In this paper, another novel header detection algorithm called dual-byte-marker is proposed. Based on the experiments done on images from hard disk, physical memory and data set from DFRWS 2006 Challenge, results showed that dual-byte-marker algorithm gives better performance with better execution time for header detection as compared to single-byte-marker.
Keywords
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Garfinkel, S.L.: Carving Continuous and Fragmented Files with Fast Object Validation. Journal of Digital Investigation 4, 2–12 (2007)
Anadabrata, P., Husrev, T., Sencar, N.M.: Detecting File Fragmentation Point Using Sequential Hypothesis Testing. Journal of Digital Investigation 5, 2–13 (2008)
Golden, R., Roussev, G., Scalpel, V.: A Frugal, High Performance File Carver. In: The Proceedings of the 2005 digital forensics research workshop (2005)
Karresand, M., Shahmeri, N.: Reassembly of Fragmented JPEG Images Containing Restart Markers. IEEE press, Los Alamitos (2008)
Pal, A., Shanmugasundaram, K., Memon, N.: Automated Reassembly of Fragmented Images, AFOSR Grant F49620-01-1-0243 (2003)
Memon, N., Pal, A.: Automated Reassembly of File Fragmented Images Using Greedy Algorithms. IEEE press, Los Alamitos (2006)
Hamilton, E.: JPEG File Interchange File Format – Version 1.02, http://www.w3.org/Graphics/JPEG/jfif3.pdf
JPEG File Interchange Format, http://en.wikipedia.org/wiki/JFIF
Wallace, G.K.: The JPEG Still Picture Compression Standard. IEEE Transactions on Consumer Electronics (1991)
Alvarez, P.: Using Extended File Information (EXIF) File Headers in Digital Evidence Analysis. International Journal of Digital Evidence 2(3) (2004)
Swee, L.H.: JPEG for Digital Panel, Texas Instrument, http://focus.tij.co.jp/jp/lit/an/spra664/spra664.pdf
Mohamad, K.M., Mat Deris, M.: Single-byte-marker for detecting JPEG JFIF header using FORIMAGE-JPEG. In: Proceeding of NCM 2009, pp. 1693–1698 (2009)
Digital Forensics Research Workshop (DFRWS), http://www.dfrws.org/2006/challenge/dfrws-2006-challenge.zip
Haggerty, J., Liewellyn-Jones, D., Taylor, M.: FORWEB: File Fingerprinting for Automated Network Forensics Investigations (2007)
Austin, R.D.: Digital Forensics on the Cheap: Teaching Forensics Using Open Source Tools. ACM Press, New York (2007)
Helix Live CD, http://www.e-fense.com/helix
Helix Live CD, http://forensics.wikia.com/wiki/Helix_LiveCD
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Mohamad, K.M., Herawan, T., Deris, M.M. (2010). Dual-Byte-Marker Algorithm for Detecting JFIF Header. In: Bandyopadhyay, S.K., Adi, W., Kim, Th., Xiao, Y. (eds) Information Security and Assurance. ISA 2010. Communications in Computer and Information Science, vol 76. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13365-7_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-13365-7_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13364-0
Online ISBN: 978-3-642-13365-7
eBook Packages: Computer ScienceComputer Science (R0)