Dataset for forensic analysis of B-tree file system

Since B-tree file system (Btrfs) is set to become de facto standard file system on Linux (and Linux based) operating systems, Btrfs dataset for forensic analysis is of great interest and immense value to forensic community. This article presents a novel dataset for forensic analysis of Btrfs that wa...

Descripción completa

Detalles Bibliográficos
Autores principales: Wani, Mohamad Ahtisham, Bhat, Wasim Ahmad
Formato: Online Artículo Texto
Lenguaje:English
Publicado: Elsevier 2018
Materias:
Computer Sciences   
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC5998747/
https://www.ncbi.nlm.nih.gov/pubmed/29904709
http://dx.doi.org/10.1016/j.dib.2018.04.100
Descripción
Sumario:Since B-tree file system (Btrfs) is set to become de facto standard file system on Linux (and Linux based) operating systems, Btrfs dataset for forensic analysis is of great interest and immense value to forensic community. This article presents a novel dataset for forensic analysis of Btrfs that was collected using a proposed data-recovery procedure. The dataset identifies various generalized and common file system layouts and operations, specific node-balancing mechanisms triggered, logical addresses of various data structures, on-disk records, recovered-data as directory entries and extent data from leaf and internal nodes, and percentage of data recovered.

Ejemplares similares