The Experts below are selected from a list of 60 Experts worldwide ranked by ideXlab platform
Zoheb Shivani - One of the best experts on this subject based on the ideXlab platform.
-
ICDIM - Snapshot service interface (ssi), a generic snapshot assisted backup framework for linux
2006 1st International Conference on Digital Information Management, 2007Co-Authors: Faraz Shaikh, Zoheb ShivaniAbstract:This paper presents the design and implementation of "Snapshot Service Interface-SSI", a standardized backup framework for the Linux platform. Linux is a prominent candidate for using such a backup framework because of its ubiquitous nature on the high-end server market. Such a backup framework is introduced in Windows 2003 under the name of Volume Shadow Copy service VSS [1]. SSI being a first of its kind backup solution for the Linux platform, the main contribution of this paper is to dicuss the pros and cons of different design alternatives available on Linux. The paper also provides a quantitative measure on performance hits incurred due to using such framework in lieu of using traditional backup methods.
-
Snapshot service interface (ssi), a generic snapshot assisted backup framework for linux
2006 1st International Conference on Digital Information Management, 2006Co-Authors: Faraz Shaikh, Zoheb ShivaniAbstract:This paper presents the design and implementation of "Snapshot Service Interface-SSI", a standardized backup framework for the Linux platform. Linux is a prominent candidate for using such a backup framework because of its ubiquitous nature on the high-end server market. Such a backup framework is introduced in Windows 2003 under the name of Volume Shadow Copy service VSS [1]. SSI being a first of its kind backup solution for the Linux platform, the main contribution of this paper is to dicuss the pros and cons of different design alternatives available on Linux. The paper also provides a quantitative measure on performance hits incurred due to using such framework in lieu of using traditional backup methods.
Faraz Shaikh - One of the best experts on this subject based on the ideXlab platform.
-
ICDIM - Snapshot service interface (ssi), a generic snapshot assisted backup framework for linux
2006 1st International Conference on Digital Information Management, 2007Co-Authors: Faraz Shaikh, Zoheb ShivaniAbstract:This paper presents the design and implementation of "Snapshot Service Interface-SSI", a standardized backup framework for the Linux platform. Linux is a prominent candidate for using such a backup framework because of its ubiquitous nature on the high-end server market. Such a backup framework is introduced in Windows 2003 under the name of Volume Shadow Copy service VSS [1]. SSI being a first of its kind backup solution for the Linux platform, the main contribution of this paper is to dicuss the pros and cons of different design alternatives available on Linux. The paper also provides a quantitative measure on performance hits incurred due to using such framework in lieu of using traditional backup methods.
-
Snapshot service interface (ssi), a generic snapshot assisted backup framework for linux
2006 1st International Conference on Digital Information Management, 2006Co-Authors: Faraz Shaikh, Zoheb ShivaniAbstract:This paper presents the design and implementation of "Snapshot Service Interface-SSI", a standardized backup framework for the Linux platform. Linux is a prominent candidate for using such a backup framework because of its ubiquitous nature on the high-end server market. Such a backup framework is introduced in Windows 2003 under the name of Volume Shadow Copy service VSS [1]. SSI being a first of its kind backup solution for the Linux platform, the main contribution of this paper is to dicuss the pros and cons of different design alternatives available on Linux. The paper also provides a quantitative measure on performance hits incurred due to using such framework in lieu of using traditional backup methods.
Timothy R. Leschke - One of the best experts on this subject based on the ideXlab platform.
-
VizSEC - Change-link 2.0: a digital forensic tool for visualizing changes to Shadow Volume data
Proceedings of the Tenth Workshop on Visualization for Cyber Security - VizSec '13, 2013Co-Authors: Timothy R. Leschke, Charles NicholasAbstract:We present Change Link 2.0, a coordinated and multiple view tool for digital forensics which supports an understanding of how Shadow Volume data have changed over time. An improvement over the original Change-Link tool [25], Change-Link 2.0 provides an overview, a directory-tree view, a directory content view, and a metadata view in a side-by-side, split-screen, linked-view interface that supports easy browsing and detection of files and directories that have changed over time. This data visualization approach supports faster comprehension of digital forensic data, quick detection of anomalous data, and a better understanding of "what happened?." Input to Change-Link 2.0 is an evidentiary hard drive containing multiple versions of files and directories which have been archived by the Microsoft Volume Shadow Copy Service [28]. Our contributions include data visualization techniques that support an overview of the entire dataset, as well as an understanding of how the directory-tree structure, individual directory content, and file and directory metadata have changed over time. Change-Link 2.0, and its predecessor, are the first data visualization tools that we are aware of which support the forensic examination of Shadow Volume data.
-
Applying data visualization techniques to support the analysis of digital forensic data
2013Co-Authors: Charles Nicholas, Timothy R. LeschkeAbstract:The Modern Age of digital forensics is characterized by a proliferation of artifacts, increased data complexity, larger and cheaper data storage, and the emergence of the need for tools that support timeline analysis, anomaly detection, and triage. Traditional text-based digital forensic tools can no longer keep pace with the demands of the modern digital forensic examiner. A new approach for developing digital forensic tools is required if digital forensics is going to avoid becoming stagnant. We apply the power of data visualization to support the needs of the modern digital forensic examiner. We design and develop a tool called Change-Link; a coordinated and multiple view tool which uses semantic zooming in the form of an overview, treeview, directory content view, and a metadata view to provide an understanding of digital forensic data that changes over time. By using this tool to examine a mock evidence hard drive containing Shadow Volume data provided by the Microsoft Volume Shadow Copy Service, we demonstrate a way to reduce data complexity and provide better forensic data analysis while supporting timeline analysis, anomaly detection, and a triage of the dataset. We demonstrate a proof for our broader hypothesis which is data visualization techniques can be developed to support better analysis of digital forensic data.
-
VizSEC - Change-Link: a digital forensic tool for visualizing changes to directory trees
Proceedings of the Ninth International Symposium on Visualization for Cyber Security - VizSec '12, 2012Co-Authors: Timothy R. Leschke, Alan T. ShermanAbstract:We present Change-Link, a customizable data exploration tool which empowers the user to see visual representations of directories that have changed over time within a computer operating system that supports the Microsoft Volume Shadow Copy Service (VSS). Change-Link displays change information in a split-screen interface comprising an overview of directory change for the entire dataset and a detail view of change for individual directories. Input to Change-Link is an evidence hard drive containing an active file system and previous versions of the directory structure that were archived by the VSS. This approach to browsing change within a directory structure helps a digital forensic examiner understand how a particular computer was used to support criminal activity. Because data that have changed are often the most important, identifying directories that have changed over time directs attention towards data of higher importance. By examining the most important data, digital forensic examiners are better able to keep pace with the data explosion that is making current digital forensic examinations unmanageable. Our contributions include the development of a segmented box and whisker glyph for representing change over time for individual directories, an approach for aggregating VSS data for digital forensic examinations, and a data visualization tool for exploring digital forensic data.
Hu Xiao-qi - One of the best experts on this subject based on the ideXlab platform.
-
Design and Implementation of a file synchronization system based on difference
Microcomputer Information, 2009Co-Authors: Hu Xiao-qiAbstract:There is some shortcoming for implementing a network file-backup center based on the traditional file synchronization architecture (rsync) ,such as the server's load is too heavy and the data transmitted on the network is too much. Design and implement a file synchronization system through improving the rsync architecture,add the Volume Shadow Copy Service on the client,and calculate the file difference between these different versions by using this service. In this way,it can calculate the file difference more quickly,bring down the amount of calculation on the server and reduce the data transmitted on the network.
-
Design and Implementation of a File Synchronization System Based on Difference
Computers & Security, 2009Co-Authors: Hu Xiao-qiAbstract:The traditional file synchronization architecture(rsync) has some shortcoming for implementing a network file-backup center, such as the server’s load is too heavy and the data transmitted on the network is too much. Design and implement a file synchronization system through improving the rsync architecture, add the Volume Shadow Copy Service on the client, and calculate the file difference between these different versions by using this service. In this way, it can calculate the file difference more quickly, bring down the amount of calculation on the server and reduce the data transmitted on the network.
Charles Nicholas - One of the best experts on this subject based on the ideXlab platform.
-
VizSEC - Change-link 2.0: a digital forensic tool for visualizing changes to Shadow Volume data
Proceedings of the Tenth Workshop on Visualization for Cyber Security - VizSec '13, 2013Co-Authors: Timothy R. Leschke, Charles NicholasAbstract:We present Change Link 2.0, a coordinated and multiple view tool for digital forensics which supports an understanding of how Shadow Volume data have changed over time. An improvement over the original Change-Link tool [25], Change-Link 2.0 provides an overview, a directory-tree view, a directory content view, and a metadata view in a side-by-side, split-screen, linked-view interface that supports easy browsing and detection of files and directories that have changed over time. This data visualization approach supports faster comprehension of digital forensic data, quick detection of anomalous data, and a better understanding of "what happened?." Input to Change-Link 2.0 is an evidentiary hard drive containing multiple versions of files and directories which have been archived by the Microsoft Volume Shadow Copy Service [28]. Our contributions include data visualization techniques that support an overview of the entire dataset, as well as an understanding of how the directory-tree structure, individual directory content, and file and directory metadata have changed over time. Change-Link 2.0, and its predecessor, are the first data visualization tools that we are aware of which support the forensic examination of Shadow Volume data.
-
Applying data visualization techniques to support the analysis of digital forensic data
2013Co-Authors: Charles Nicholas, Timothy R. LeschkeAbstract:The Modern Age of digital forensics is characterized by a proliferation of artifacts, increased data complexity, larger and cheaper data storage, and the emergence of the need for tools that support timeline analysis, anomaly detection, and triage. Traditional text-based digital forensic tools can no longer keep pace with the demands of the modern digital forensic examiner. A new approach for developing digital forensic tools is required if digital forensics is going to avoid becoming stagnant. We apply the power of data visualization to support the needs of the modern digital forensic examiner. We design and develop a tool called Change-Link; a coordinated and multiple view tool which uses semantic zooming in the form of an overview, treeview, directory content view, and a metadata view to provide an understanding of digital forensic data that changes over time. By using this tool to examine a mock evidence hard drive containing Shadow Volume data provided by the Microsoft Volume Shadow Copy Service, we demonstrate a way to reduce data complexity and provide better forensic data analysis while supporting timeline analysis, anomaly detection, and a triage of the dataset. We demonstrate a proof for our broader hypothesis which is data visualization techniques can be developed to support better analysis of digital forensic data.
