Skip to main content
SpringerLink
Log in

Differential Evolution Based Significant Data Region Identification on Large Storage Drives

  • Chapter
  • First Online:
Intelligent Decision Support Systems for Sustainable Computing

Part of the book series: Studies in Computational Intelligence ((SCI,volume 705))

Abstract

In today’s scenario, almost every user involuntarily generates and utilizes several Gigabytes and Terabytes of data. It is due to the accessibility of diverse and inexpensive digital hard disk drives (HDDs) that have facilitated users with comparably large storage capacities. Almost every digital crime is directly or indirectly associated with storage devices. The ever increasing storage strength of HDD has elevated the forensic examination cost and complexities for the digital forensic investigator. The considerable amount of time is consumed during identification and analysis phase of Digital Forensic (DF) process which creates huge backlog of cases, as a result remarkable delay occurs for availing justice from judicial body. In this research, we propose a methodology to identify forensically significant data regions of suspected drive that can be helpful in accelerating overall digital investigation process. A proof-of-concept technique is developed that utilizes Differential Evolution (DE) for determining the significant data regions and data storage pattern of HDD. The proposed approach incorporates DE which internally utilizes the geometry information of the HDD, i.e. cylinder, track and sector values, for population generation and decision making. Throughout the paper DE samples are defined using the geometry information and entropy as fitness value. Storage devices with different storage capabilities were considered for the experiment and analysis. Detailed case study using the analysis on formatted suspected storage drives highlights the relevance of the proposed approach. The end result is series of output files, providing information about significant regions of the HDD, using which investigator can easily interpret and analyze the suspected drive. Finally, the proposed method is compared with the important functionalities of existing approaches.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 109.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. M.G. Williams, A risk assessment on Raspberry Pi using NIST standards. Int. J. Comput. Sci. Netw. Secur. (IJCSNS) 15(6), 22 (2015)

    Google Scholar 

  2. D. Quick, K.K.R. Choo, Big forensic data reduction: digital forensic images and electronic evidence. Springer Cluster Comput. 1–18 (2016)

    Google Scholar 

  3. D. Quick, K.K.R. Choo, Impacts of increasing volume of digital forensic data: a survey and future research challenges. Elsevier Digit. Investig. 11(4), 273–294 (2014)

    Article  Google Scholar 

  4. V. Roussev, C. Quates, R. Martell, Real-time digital forensics and triage. Elsevier Digit. Investig. 10(2), 158–167 (2013)

    Article  Google Scholar 

  5. A. Shaw, A. Browne, A practical and robust approach to coping with large volumes of data submitted for digital forensic examination. Elsevier Digit. Investig. 10(2), 116–128 (2013)

    Article  Google Scholar 

  6. J. Grier, G.G. Richard, Rapid forensic imaging of large disks with sifting collectors. Elsevier Digit. Investig. 14, S34–S44 (2015)

    Article  Google Scholar 

  7. S.L. Garfinkel, Carving contiguous and fragmented files with fast object validation. Elsevier Digit. Investig. 4, 2–12 (2007)

    Article  Google Scholar 

  8. S.L. Garfinkel, A. Nelson, Fast Disk Analysis with Random Sampling (2010)

    Google Scholar 

  9. N. Kishore, B. Kapoor, Faster file imaging framework for digital forensics. Procedia Comput. Sci. 49, 74–81 (2015)

    Article  Google Scholar 

  10. F. Adelstein, Live forensics: diagnosis your system without killing it first. Commun. ACM 49(2), 63–66 (2006)

    Article  Google Scholar 

  11. D. Ayers, A second generation computer forensic analysis system. Elsevier Digit. Investig. 6, S34–S42 (2009)

    Article  Google Scholar 

  12. S.L. Garfinkel, Digital forensics research: the next 10 years. Elsevier Digit. Investig. 7, S64–S73 (2010)

    Article  Google Scholar 

  13. N. Beebe, J. Clark, Dealing with Terabyte Data Sets in Digital Investigations, in Advances in Digital Forensics (Springer, 2005), pp. 3–16

    Google Scholar 

  14. J. Dalins, C. Wilson, M. Carman, Monte-carlo filesystem search—a crawl strategy for digital forensics. Elsevier Digit. Investig. 13, 58–71 (2015)

    Article  Google Scholar 

  15. G. Palmer et al., A Roadmap for Digital Forensics Research, in Forst Digital Forensics Research Workshop, Utica, New York (2001), pp. 27–30

    Google Scholar 

  16. R. Storn, K. Price, Differential evolution—a simple and efficient heuristic for global optimization over continuous spaces. J. Global Optim. 11(4), 341–359 (1997)

    Article  MathSciNet  MATH  Google Scholar 

  17. S. Das, A. Konar, Two-dimensional IIR filter design with modern search heuristics: a comparative study. Int. J. Comput. Intell. Appl. 6(03), 329–355 (2006)

    Article  MATH  Google Scholar 

  18. P.K. Liu, F.S. Wang, Inverse problems of biological systems using multi-objective optimization. J. Chin. Inst. Chem. Eng. 39(5), 399–406 (2008)

    Article  Google Scholar 

  19. T. Rogalsky, S. Kocabiyik, R. Derksen, Differential evolution in aerodynamic optimization. Can. Aeronaut. Space J. 46(4), 183–190 (2000)

    Google Scholar 

  20. M.G. Omran, A.P. Engelbrecht, A. Salman, in 2005 IEEE Congress on Differential Evolution Methods for Unsupervised Image Classification, vol. 2 (IEEE, 2005), pp. 966–973

    Google Scholar 

  21. J. Vesterstrom, R. Thomsen, A comparative study of differential evolution, particle swarm optimization, and evolutionary algorithms on numerical benchmark problems, in Congress on Evolutionary Computation, 2004. CEC2004, vol. 2 (2004), pp. 1980–1987. doi:10.1109/CEC.2004.1331139

  22. J. Kennedy, R. Eberhart, Particle swarm optimization, in IEEE International Conference on Neural Networks, 1995. Proceedings, vol. 4 (1995), pp. 1942–1948. doi:10.1109/ICNN.1995.488968

  23. J.H. Holland, Adaptation in Natural and Artificial Systems: An Introductory Analysis with Applications to Biology, Control, and Artificial Intelligence (U Michigan Press, 1975)

    Google Scholar 

  24. A.P. Engelbrecht, Computational Intelligence: An Introduction (Wiley, 2007)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Defence Institute of Advanced Technology, Pune, 411025, India

    Nitesh K Bharadwaj & Upasna Singh

Authors
  1. Nitesh K Bharadwaj
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Upasna Singh
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Nitesh K Bharadwaj .

Editor information

Editors and Affiliations

  1. VIT University , Vellore, Tamil Nadu, India

    Arun Kumar Sangaiah

  2. Sci N/w for Innova and Research Exc, Machine Intelligence Research Labs Sci N/w for Innova and Research Exc, Auburn, Washington, USA

    Ajith Abraham

  3. Faculté des Sciences et Technologie, Université Paris-Est Créteil Val-de-Marn Faculté des Sciences et Technologie, Créteil Cedex, France

    Patrick Siarry

  4. Faculty of Engig Computer & Math sci, The University of Adelaide Faculty of Engig Computer & Math sci, Adelaide, South Australia, Australia

    Michael Sheng

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this chapter

Cite this chapter

Bharadwaj, N.K., Singh, U. (2017). Differential Evolution Based Significant Data Region Identification on Large Storage Drives. In: Sangaiah, A., Abraham, A., Siarry, P., Sheng, M. (eds) Intelligent Decision Support Systems for Sustainable Computing. Studies in Computational Intelligence, vol 705. Springer, Cham. https://doi.org/10.1007/978-3-319-53153-3_8

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-53153-3_8

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-53152-6

  • Online ISBN: 978-3-319-53153-3

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation