Exploration and validation of the sdhash parameter space
dc.contributor.advisor | Young, Joel D. | |
dc.contributor.advisor | Garfinkel, Simson L. | |
dc.contributor.author | McCarrin, Michael R. | |
dc.contributor.department | Computer Science | |
dc.date | Jun-13 | |
dc.date.accessioned | 2013-08-01T16:51:46Z | |
dc.date.available | 2013-08-01T16:51:46Z | |
dc.date.issued | 2013-06 | |
dc.description.abstract | Cryptographic hashes are commonly used to aid in the examination of digital evidence by providing a method of rapidly identifying targeted content (e.g., incriminating materials) in large quantities of data. Because only exact matches can be detected, this method is easily defeated by even the smallest modification to the data. Approximate matching techniques maintain nearly the speed and space efficiency advantages of cryptographic hashes, while offering a more robust scheme for detecting similar objects. We seek to validate design choices in sdhash, the current state-of-the-art approximate matching algorithm, and suggest alternatives where appropriate. In addition, we clarify various nuances regarding the interpretation of its output so that it can be more effectively applied to forensic analysis. To this end, we provide a detailed analysis of sdhash’s behavior across a variety of relevant scenarios using the FRASH testing framework, and propose strategies for extracting more relevant and granular feedback. | en_US |
dc.description.distributionstatement | Approved for public release; distribution is unlimited. | |
dc.description.recognition | Outstanding Thesis | en_US |
dc.description.service | Civilian, Department of the Navy | en_US |
dc.description.uri | http://archive.org/details/explorationndval1094534704 | |
dc.identifier.uri | https://hdl.handle.net/10945/34704 | |
dc.publisher | Monterey, California: Naval Postgraduate School | en_US |
dc.relation.ispartofseries | NPS Outstanding Theses and Dissertations | |
dc.rights | This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States. | en_US |
dc.subject.author | Digital Forensics | en_US |
dc.subject.author | Digital Fingerprinting | en_US |
dc.subject.author | Approximate Matching | en_US |
dc.subject.author | Fuzzy Hashing | en_US |
dc.subject.author | Similarity Digests | en_US |
dc.subject.author | sdhash | en_US |
dc.subject.author | FRASH | en_US |
dc.title | Exploration and validation of the sdhash parameter space | en_US |
dspace.entity.type | Publication | |
etd.thesisdegree.discipline | Computer Science | en_US |
etd.thesisdegree.level | Masters | en_US |
etd.thesisdegree.name | Master of Science | en_US |
etd.thesisdegree.name | Master of Science in Computer Science | en_US |
relation.isSeriesOfPublication | c5e66392-520c-4aaf-9b4f-370ce82b601f | |
relation.isSeriesOfPublication.latestForDiscovery | c5e66392-520c-4aaf-9b4f-370ce82b601f |
Files
Original bundle
1 - 1 of 1