
Detection and Recognition of File Masquerading for E-mail and Data Security

  • Conference paper
Recent Trends in Network Security and Applications (CNSA 2010)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 89)


Abstract

Due to the tremendous improvement of internet technology and the increasing importance of privacy, security, and wise use of computational resources, the corresponding technologies are increasingly faced with the problem of file type detection. Digital forensics deals with the investigation of digital evidence to enable investigators to establish the facts of offences. In digital forensics, there are numerous file formats in use, and criminals have started either using non-standard file formats or changing the extensions of files while storing or transmitting them over a network. This makes recovering data from these files difficult. It also poses a very severe problem, since unauthorized users can send malicious data across the network, and it is essential to tackle this e-crime, which may harm the entire organization and network. File type detection is most used and most important in the proper functioning of operating systems, firewalls, intrusion detection systems, antivirus software, filters, steganalysis and computer forensics. Certain organizations may ban specific file formats on their intranet or e-mail services, and the technique of changing a file's extension before sending it has to be strictly monitored. Identifying the file format of a digital object is a crucial function on ingest to a digital repository, thereby attaining improved security and fraud prevention. This paper focuses on identifying the true file type and detecting the presence of embedded data types to improve analysis efficiency in digital forensics.
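The three concerns the abstract names (a changed extension, a banned format, and embedded data types) can be illustrated with a small signature-based attachment check. This is an added example, not the paper's method or code; the signature table, alias map, function names and sample bytes are assumptions constructed for illustration.

```python
# Added example: tables and sample bytes are constructed for illustration.
SIGNATURES = {                      # well-known leading magic numbers
    "pdf": b"%PDF-",
    "png": b"\x89PNG\r\n\x1a\n",
    "jpg": b"\xff\xd8\xff",
    "gif": b"GIF8",
    "zip": b"PK\x03\x04",
    "exe": b"MZ",
}
# Extensions that legitimately share a container or executable format.
EXT_ALIASES = {"jpeg": "jpg", "dll": "exe", "docx": "zip", "xlsx": "zip", "jar": "zip"}
# Mid-file search uses only signatures of 4+ bytes; shorter ones match by chance.
EMBED_SIGS = {t: s for t, s in SIGNATURES.items() if len(s) >= 4}


def true_type(data):
    """Return the type whose magic number starts the content, or None."""
    for ftype, sig in SIGNATURES.items():
        if data.startswith(sig):
            return ftype
    return None


def embedded_types(data):
    """Find known signatures at non-zero offsets (possible embedded objects)."""
    hits = []
    for ftype, sig in EMBED_SIGS.items():
        pos = data.find(sig, 1)
        if pos != -1:
            hits.append((ftype, pos))
    return sorted(hits, key=lambda h: h[1])


def inspect(filename, data, banned=("exe",)):
    """Compare the claimed extension with the content and apply a ban policy."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    claimed = EXT_ALIASES.get(ext, ext)
    actual = true_type(data)
    embedded = embedded_types(data)
    return {
        "claimed": claimed,
        "actual": actual,
        "masqueraded": actual is not None and actual != claimed,
        "embedded": embedded,
        "blocked": actual in banned or any(t in banned for t, _ in embedded),
    }


# Constructed samples: a PE header renamed to .jpg, and a PNG with a ZIP appended.
RENAMED_EXE = b"MZ\x90\x00" + b"\x00" * 60
PNG_WITH_ZIP = b"\x89PNG\r\n\x1a\n" + b"\x00" * 32 + b"PK\x03\x04" + b"\x00" * 16
```

A leading-signature check alone misses content appended to or embedded in a valid file, which is why the offset scan is reported separately from the extension mismatch.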




© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Dhanalakshmi, R., Chellappan, C. (2010). Detection and Recognition of File Masquerading for E-mail and Data Security. In: Meghanathan, N., Boumerdassi, S., Chaki, N., Nagamalai, D. (eds) Recent Trends in Network Security and Applications. CNSA 2010. Communications in Computer and Information Science, vol 89. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14478-3_26


  • DOI: https://doi.org/10.1007/978-3-642-14478-3_26

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-14477-6

  • Online ISBN: 978-3-642-14478-3

  • eBook Packages: Computer Science, Computer Science (R0)
