Study Document
Analyzing the Hashing Files Case Study
Hashing Files
Course Code
Rouse (2005-2015) defines hashing as the changing of a characters' string into normally smaller fixed-length value, which corresponds to the initial string. It is made use of in indexing and retrieving items in databases because the item is easier to find when a shorter hashes key is used than when an original value is used. Hash functions are well-defined functions for converting or representing various kinds of data into comparatively smaller integers. The value of a hash function is a hash value, hash, or hash code.
Importance of Hash Values
Hashing creates sets of numbers representing drives or sets of files. On using hashing, the details about the particular evidence cannot be determined or drawn from the hash code, but an alteration of the evidence results to a change in the hash code. This is demonstrated below through an illustration.
A word document containing 60 lines of text was created. I opted to employ Hasher Lite for this document. On processing the document through Hasher Lite, some numbers and figures appear. They represent the document's static version. The document's hash value had much fewer numbers initially. On altering the document by some alterations to the original file (an addition and removal of a particular amount of text) and then run through a hasher, the resultant hash value and characters were longer (and evidently different).
The example above illustrates the importance of Hash values. Rowe (2010) states that security and efficiency are some of the main factors that make hash values so important. Employing an optimized hash engine allows an investigator to avoid going through billions of bytes or source data. Such an engine can help tremendously when comparing thousands of hash values. Versions of an object can also be quickly found and so help an inquiry narrow its focus by filtering out unneeded data. The same technique can be used to help screen targets for trace evidence without heavy reliance on file system metadata, which helps process formatted or corrupted targets. Achieving this through traditional means is hard as it requires the investigators to reconstruct objects and parse many formats (Rowe, 2010).The other factor relates to Security. Recreating or engineering the original data cannot be done from the hash codes. This ascertains that there is some level of security because of which the data cannot be drawn directly from the hash value. In computer forensics, hash…
Sample Source(s) Used
References
Federal Evidence Review. (2008, September 18). Using "Hash" Values In Handling Electronic Evidence. Retrieved December 2, 2015, from Federal Evidence Review: www.federalevidence.com
Rouse, M. (2005-2015). Hashing definition. Retrieved December 2, 2015, from TechTarget: www.techtarget.com
Rowe, J. (2010, December 10). What Is A Hash Value? Retrieved December 2, 2015, from PinPoint Labs: www.pinpointlabs.com
Related Documents
Study Document
Different Interpretations of ISO-9660 File Systems
Systems COMPUTER SCIENCE Computer forensic is a scientific method of analyzing the digital information which is used as evidence for the criminal, administrative and civil cases. In the contemporary legal environment, computer forensic has become a vital part in solving the complex crimes. Since computer forensic experts use data to solve high level cases, effective data storage and retrieval is critical aspect of forensic investigation and effective data storage is very
Study Document
How to Collect and Analyze Data in Computer Forensics
burgeoning field of computer or digital forensics has multiple applications. As Carroll, Brannon & Song (2008a) point out, the two primary functions of computer forensics include data extraction and data analysis. As with other areas of forensics, methodologies in computer forensics include scientific methods of data collection, data preservation, and data analysis with ultimate goals of documentation or presentation in accordance with the needs and demands of the investigative
Study Document
Replication Today, There Are a
Each of the databases exports a view of its tables or objects that conforms to the shared data model, so that queries can be expressed using a common set of names for properties and relationships regardless of the database. The queries are then translated so that they are actually run against the local data using local names in the local query language; in the reverse direction results may be
Study Document
Cyber Crime Forensics
Cybercrime has become a serious problem in the world we live in. The abundance of personal computers that are readily available at relatively low prices has spawned the growth in Cybercrime all over the globe. As a result, law enforcement agencies have developed cybercrime forensics which is designed to track down those that are responsible for cyber crimes. The purpose of this discussion is to analyze this subject and discuss
Study Document
Computer Forensics Case Study
Computer Forensics The issue at hand involves the examination of a scene from an office space within Widget Corporation. We find that this is the assigned office for a Mr. Didit. The information we have at hand is digital -- a photograph taken from an approximate distance of 3 feet from the occupant's desk. Using the photograph, we find that there are a number of electronic and non-electronic devices and our
Study Document
Security Awareness the Weakest Link
To offer an information security awareness training curriculum framework to promote consistency across government (15). Security awareness is needed to ensure the overall security of the information infrastructure. Security awareness programs is the can help organizations communicate their security information policies, as well as tips for users, to help keep systems secure, and the practices the entire organization should be utilizing. However, as Kolb and Abdullah reiterate, "security awareness is not