University Report: File Analysis System and Digital Forensics

Verified

Added on 2022/09/12

AI Summary

This report provides an overview of the File Analysis System, a critical component of digital forensics. It explores the methods used in file system analysis, emphasizing the importance of understanding file formats and the organization of data within a system. The report delves into the process of file system analysis, including acquisition, authentication, abstraction, renovation, and reporting. It also discusses various file systems like FAT32, NTFS, and Ext, highlighting their roles and functionalities. The evaluation covers the significance of metadata, password protection, and the organization of files in blocks and directories. The report concludes by emphasizing the importance of these systems in preventing digital outbreaks and assisting forensic departments in observing digital evidence. The report refers to various sources like Al Fahdi et al. (2016), Cho (2015), Huang et al. (2015), Martini and Choo (2014), and Riadi et al. (2019) to support the findings.

Running head: FILE ANALYSIS SYSTEM
FILE ANALYSIS SYSTEM
Name of the Student:
Name of the University:
Author’s Note:

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1FILE ANALYSIS SYSTEM
Introduction:-
File system analysis is one of the significant parts of digital forensic. Much digital proof
is kept within the processor's file system, but understanding the process of file systems methods
is one of the most theoretically challenging perceptions for an investigator because there survives
small documentation (Wahyudi, Riadi and Prayudi 2018). This system in a processor is the
method in which files are entitled and logically positioned for retrieval and storage. It can be
measured as an index or database that covers the physical address of every particular portion of
data on the individual storage device, like hard disk, flash drive, DVD, or CD. This document is
prepared in folders, which are named directories
Critical evaluation:-
For retrieving and storing files, this process creates the application of metadata, which
contains the time the file was generated, data reformed, file capacity, and many others (Riadi,
Fadlil and Aulia 2019). They can also control operators from retrieving a specific file by
applying a password or encryption. Files are kept on a storage broadcasting in "regions." Unused
segments can be applied for keeping information, characteristically done in zonal groups
identified as blocks (Martini and Choo 2014). The file system recognizes the size and place and
the sectors that are accessible for storing. If an arrangement for establishing files did not happen,
it would not be probable to retrieve or delete files or to retain two files with a similar name;
meanwhile, every file would occur in a similar folder (Al Fahdi et al. 2016). For instance, it is
since of folders that users are capable of naming some several image files with a similar name, as
both presents in specific different folders. However, if these different files are in a similar
directory, they cannot receive a similar name.

2FILE ANALYSIS SYSTEM
Many applications want a file system to work. Therefore each partition wants to have
one. Commands are also reliant on file systems, which denotes that if a program is constructed to
be applied in Mac operating systems, it will not be able to work on Windows. There are some
different kinds of file systems like Ext file, FAT32, NTFS (Cho 2015). The file format is the
critical term in file systems. It is an arrangement and organization of information inside the file.
Uncertainty, a file is to be applied by a program; it should be capable of identifying and taking
access to the file records. Digital forensic analysts can follow some steps for analyses of any file
systems (Huang et al. 2015). These processes are Acquisition, authentication, Abstraction,
renovation, and reporting. These steps can assist in examining a file system for information that
may deliver the record in a forensic examination.
Conclusion:-
This kind of digital forensic method can fluctuate between OS like MAC, Microsoft
Windows, and Linux. Specific file systems are framed for particular applications. Significant file
categories systems contain dispersed file systems, Disk depends on file systems and distinct
purpose file systems. So finally, this report state that these systems is very much essential to
prevent any digital outbreaks. The forensic department can observe all kinds of outbreaks
through these methods.

3FILE ANALYSIS SYSTEM
References:-
Al Fahdi, M., Clarke, N.L., Li, F. and Furnell, S.M., 2016. A suspect-oriented intelligent and
automated computer forensic analysis. Digital Investigation, 18, pp.65-76.
Cho, G.S., 2015, July. NTFS Directory Index Analysis for Computer Forensics. In 2015 9th
International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing
(pp. 441-446). IEEE.
Huang, N., He, J., Zhao, B., Liu, G. and Wan, X., 2015. Reconstructing fragmented YAFFS2
files for forensic analysis. International Journal of Hybrid Information Technology, 8(7), pp.37-
44.
Martini, B. and Choo, K.K.R., 2014. Distributed filesystem forensics: XtreemFS as a case study.
Digital Investigation, 11(4), pp.295-313.
Riadi, I., Fadlil, A. and Aulia, M.I., 2019. Review Proses Forensik Optical Drive Menggunakan
Metode National Institute of Justice (NIJ). Jutisi: Jurnal Ilmiah Teknik Informatika dan Sistem
Informasi, 8(3), pp.107-118.
Wahyudi, E., Riadi, I. and Prayudi, Y., 2018. Virtual Machine Forensic Analysis And Recovery
Method For Recovery And Analysis Digital Evidence. International Journal of Computer
Science and Information Security, 16.