FAST: A High-Performance Architecture for Heterogeneous Big Data Forensics

Pungila, Ciprian; Negru, Viorel

doi:10.1007/978-3-319-67180-2_60

Ciprian Pungila¹⁹ &
Viorel Negru¹⁹

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 649))

Included in the following conference series:

1217 Accesses

Abstract

We are presenting a highly-efficient, novel architecture (which we call FAST, or Forensic Analysis of Sensitive Traces) for high-performance big data forensics for heterogeneous systems (CPU and GPU-based). Our model uses a highly-compact storage format of the widely known Aho-Corasick algorithm [1], as well as a partial pruning mechanism to ensure the lowest possible memory footprint, while maximizing throughput performance. We are comparing our performance with classic methods used in data forensics and observe significant memory footprint improvements, as well as massive throughput improvements throughout all stages of big data processing.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 169.00; Price excludes VAT (USA)

Softcover Book: USD 219.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Aho, A., Corasick, M.: Efficient string matching: an aid to bibliographic search. Commun. ACM 18(6), 333–340 (1975)
Article MathSciNet MATH Google Scholar
Malwadkar, A., Patil, S.: Data mining techniques for digital forensic analysis. Int. J. Recent Innov. Trends Comput. Commun. 4(3), 17–22 (2016)
Google Scholar
Baggili, I., Breitinger, F.: Data sources for advancing cyber forensics: what the social world has to offer. In: 2015 AAAI Spring Symposium Series. AAAI Publications (2015)
Google Scholar
Mercedes, B., Mariela, L.: Solving a big-data problem with GPU: the network traffic analysis. J. Comput. Sci. Technol. 15(1), 30–39 (2015). ISSN 1666–6038
Google Scholar
Achile, M., Roger, A.: Obtaining digital evidence from intrusion detection systems. Int. J. Comput. Appl. 95(12), 34–41 (2014). (0975 8887)
Google Scholar
Pilli, E., Joshi, R., Niyogi, R.: A framework for network forensic analysis. In: Information and Communication Technologies. ICT: Communications in Computer and Information Science, vol. 101. Springer, Berlin, Heidelberg (2010)
Google Scholar
Breeuwsma, M., et al.: Forensic data recovery from flash memory. Small Scale Digit. Device Forensics J. 1(1), 1–17 (2007)
Google Scholar
Al-Alawi, A.: Cybercrimes, computer forensics and their impact in business climate: Bahrain status. Res. J. Bus. Manage. 8, 139–156 (2014)
Article Google Scholar
AccessData, F.T.K.: Forensic Toolkit. http://accessdata.com/products-services/forensic-toolkit-ftk
FileSig Software, SimpleCarver. http://www.simplecarver.com/
Scalpel: Scalpel. https://github.com/sleuthkit/scalpel
Pontello, M.: TrID - File Identifier. http://mark0.net/soft-trid-e.html
NVIDIA, NVIDIA CUDA Compute Unified Device Architecture Programming Guide, version 4.1. http://developer.download.nvidia.com/compute/DevZone/docs/html/C/doc/CUDA_C_Programming_Guide.pdf
Pungila, C., Reja, M., Negru, V.: Efficient parallel automata construction for hybrid resource-impelled data-matching. Future Gener. Comput. Syst. 36, 31–41 (2013). ISSN 0167-739X
Article Google Scholar
Pungila, C., Negru, V.: A highly-efficient memory-compression approach for GPU-accelerated virus signature matching. In: Information Security Conference (ISC) (2012)
Google Scholar
Pungila, C., Negru, V.: Real-time polymorphic Aho-Corasick automata for heterogeneous malicious code detection. In: International Joint Conference SOCO 2013-CISIS 2013-ICEUTE 2013. Advances in Intelligent Systems and Computing, Series no. 239, pp. 439–448. Springer (2014)
Google Scholar

Download references

Acknowledgment

This work was partially supported by the VI-SEEM H2020-EINFRA 675121 grant and InnoHPC Interreg - Danube Transnational Programme grant. The views expressed in this paper do not necessarily reflect those of the corresponding projects consortium members.

Author information

Authors and Affiliations

Faculty of Mathematics and Informatics, Computer Science Department, West University of Timisoara, V. Parvan 4, Timisoara, Romania
Ciprian Pungila & Viorel Negru

Authors

Ciprian Pungila
View author publications
You can also search for this author in PubMed Google Scholar
Viorel Negru
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ciprian Pungila .

Editor information

Editors and Affiliations

University of Leon, Leon, Spain
Hilde Pérez García
University of Leon, Leon, Spain
Javier Alfonso-Cendón
University of Leon, Leon, Spain
Lidia Sánchez González
Department of Industrial Engineering, University of A Coruña, Ferrol, Spain
Héctor Quintián
University of Salamanca, Salamanca, Spain
Emilio Corchado

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Pungila, C., Negru, V. (2018). FAST: A High-Performance Architecture for Heterogeneous Big Data Forensics. In: Pérez García, H., Alfonso-Cendón, J., Sánchez González, L., Quintián, H., Corchado, E. (eds) International Joint Conference SOCO’17-CISIS’17-ICEUTE’17 León, Spain, September 6–8, 2017, Proceeding. SOCO ICEUTE CISIS 2017 2017 2017. Advances in Intelligent Systems and Computing, vol 649. Springer, Cham. https://doi.org/10.1007/978-3-319-67180-2_60

Download citation

DOI: https://doi.org/10.1007/978-3-319-67180-2_60
Published: 23 August 2017
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-67179-6
Online ISBN: 978-3-319-67180-2
eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics