Published on Wed Jul 22 2020

Fragments-Expert: A Graphical User Interface MATLAB Toolbox for Classification of File Fragments

Mehdi Teimouri, Zahra Seyedghorban, Fatemeh Amirjani

Fragments-Expert is a graphical user interface MATLAB toolbox. It provides users with 22 categories of features extracted from file fragments. These features can be employed by 7 categories of machine learning algorithms for the task of classification.

Abstract

The classification of file fragments of various file formats is an essential task in applications such as firewalls, intrusion detection systems, antivirus software, web content filtering, and digital forensics. However, the community lacks a suitable software tool that integrates the major methods for feature extraction from file fragments and for classification among various file formats. In this paper, we present Fragments-Expert, a graphical user interface MATLAB toolbox for the classification of file fragments. It provides users with 22 categories of features extracted from file fragments. These features can be employed by 7 categories of machine learning algorithms for the task of classification among various file formats.

Tue Jul 02 2019
Machine Learning
Methodology for the Automated Metadata-Based Classification of Incriminating Digital Forensic Artefacts
The ever increasing volume of data in digital forensic investigation is one of the most discussed challenges in the field. Manually retrieving suspicious files relevant to the investigation is akin to finding a needle in a haystack. This methodology is designed to work in a human-in-the-loop
Wed Feb 17 2010
Artificial Intelligence
A new approach to content-based file type detection
A new method for file type detection and file type clustering is proposed that is based on PCA and neural networks. The proposed method has good accuracy and is fast enough.
Thu Oct 15 2020
Machine Learning
EnCoD: Distinguishing Compressed and Encrypted File Fragments
EnCoD is a learning-based classifier which can distinguish compressed and encrypted data, starting with fragments as small as 512 bytes. EnCoD outperforms current state-of-the-art for most considered fragment sizes and data types.
Wed Jul 15 2020
Machine Learning
Static analysis of executable files by machine learning methods
The paper describes how to detect malicious executable files based on static analysis of their binary content. The stages of pre-processing and cleaning data extracted from different areas of executable files are analyzed. An ensemble training approach was applied to aggregate forecasts from each classifier.
Wed Mar 31 2021
Machine Learning
Reliable Detection of Compressed and Encrypted Data
Sun Jan 05 2020
Machine Learning
Flexible Log File Parsing using Hidden Markov Models
We aim to model unknown file processing. We train our model on one system type; applying the resulting parsing rule to a different system with slightly different log file patterns, we achieve an accuracy over 99%. We use this HMM as a specific, yet flexible, representation of a pattern for log