乐胖代购免代理版

{"id":"https://openalex.org/W2026552140","doi":"https://doi.org/10.1109/issa.2013.6641056","title":"Forensic entropy analysis of microsoft windows storage volumes","display_name":"Forensic entropy analysis of microsoft windows storage volumes","publication_year":2013,"publication_date":"2013-08-01","ids":{"openalex":"https://openalex.org/W2026552140","doi":"https://doi.org/10.1109/issa.2013.6641056","mag":"2026552140"},"language":"en","primary_location":{"is_oa":false,"landing_page_url":"https://doi.org/10.1109/issa.2013.6641056","pdf_url":null,"source":{"id":"https://openalex.org/S4306418902","display_name":"Information Security for South Africa","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false},"type":"article","type_crossref":"proceedings-article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5065827584","display_name":"Peter Weston","orcid":null},"institutions":[{"id":"https://openalex.org/I124357947","display_name":"University of London","ror":"https://ror.org/04cw6st05","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Peter Weston","raw_affiliation_strings":["Inf. Security Group, Univ. of London, Egham, UK#TAB#"],"affiliations":[{"raw_affiliation_string":"Inf. Security Group, Univ. of London, Egham, UK#TAB#","institution_ids":["https://openalex.org/I124357947"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5013455841","display_name":"Stephen D. Wolthusen","orcid":null},"institutions":[],"countries":["NO"],"is_corresponding":false,"raw_author_name":"Stephen D. Wolthusen","raw_affiliation_strings":["Norwegian Information Security Laboratories, Gj\u00f8vik University College, Gj\u00f8vik, Norway#TAB#"],"affiliations":[{"raw_affiliation_string":"Norwegian Information Security Laboratories, Gj\u00f8vik University College, Gj\u00f8vik, Norway#TAB#","institution_ids":[]}]}],"institution_assertions":[],"countries_distinct_count":2,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.194,"has_fulltext":true,"fulltext_origin":"ngrams","cited_by_count":1,"citation_normalized_percentile":{"value":0.255602,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":65,"max":72},"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9995,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9995,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12357","display_name":"Digital Media Forensic Detection","score":0.9988,"subfield":{"id":"https://openalex.org/subfields/1707","display_name":"Computer Vision and Pattern Recognition"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9981,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/copying","display_name":"Copying","score":0.45595884}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7267062},{"id":"https://openalex.org/C106301342","wikidata":"https://www.wikidata.org/wiki/Q4117933","display_name":"Entropy (arrow of time)","level":2,"score":0.6138082},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.6083977},{"id":"https://openalex.org/C84418412","wikidata":"https://www.wikidata.org/wiki/Q3246940","display_name":"Digital forensics","level":2,"score":0.5267952},{"id":"https://openalex.org/C125112378","wikidata":"https://www.wikidata.org/wiki/Q176640","display_name":"Randomness","level":2,"score":0.48207217},{"id":"https://openalex.org/C124101348","wikidata":"https://www.wikidata.org/wiki/Q172491","display_name":"Data mining","level":1,"score":0.46229073},{"id":"https://openalex.org/C2779151265","wikidata":"https://www.wikidata.org/wiki/Q1156791","display_name":"Copying","level":2,"score":0.45595884},{"id":"https://openalex.org/C20556612","wikidata":"https://www.wikidata.org/wiki/Q4469374","display_name":"Volume (thermodynamics)","level":2,"score":0.43694016},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.35315108},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.17709398},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.1699144},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.14377159},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0},{"id":"https://openalex.org/C62520636","wikidata":"https://www.wikidata.org/wiki/Q944","display_name":"Quantum mechanics","level":1,"score":0.0},{"id":"https://openalex.org/C17744445","wikidata":"https://www.wikidata.org/wiki/Q36442","display_name":"Political science","level":0,"score":0.0},{"id":"https://openalex.org/C199539241","wikidata":"https://www.wikidata.org/wiki/Q7748","display_name":"Law","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"is_oa":false,"landing_page_url":"https://doi.org/10.1109/issa.2013.6641056","pdf_url":null,"source":{"id":"https://openalex.org/S4306418902","display_name":"Information Security for South Africa","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Responsible consumption and production","id":"https://metadata.un.org/sdg/12","score":0.46}],"grants":[],"datasets":[],"versions":[],"referenced_works_count":35,"referenced_works":["https://openalex.org/W134076915","https://openalex.org/W139030970","https://openalex.org/W1577231857","https://openalex.org/W1750292977","https://openalex.org/W1859950511","https://openalex.org/W1929436232","https://openalex.org/W1970887064","https://openalex.org/W1971505546","https://openalex.org/W1985972324","https://openalex.org/W1989007169","https://openalex.org/W2019239374","https://openalex.org/W2024171325","https://openalex.org/W2049076353","https://openalex.org/W2069028274","https://openalex.org/W2096493624","https://openalex.org/W2097726984","https://openalex.org/W2101347959","https://openalex.org/W2104529203","https://openalex.org/W2107745473","https://openalex.org/W2112437856","https://openalex.org/W2116773818","https://openalex.org/W2117649838","https://openalex.org/W2122031263","https://openalex.org/W2122956713","https://openalex.org/W2127619106","https://openalex.org/W2131202906","https://openalex.org/W2141040970","https://openalex.org/W2143421017","https://openalex.org/W2150423842","https://openalex.org/W2151958475","https://openalex.org/W2169369860","https://openalex.org/W2741914005","https://openalex.org/W4352779","https://openalex.org/W4388658022","https://openalex.org/W608085605"],"related_works":["https://openalex.org/W4318471783","https://openalex.org/W4308771405","https://openalex.org/W4299420056","https://openalex.org/W3080197661","https://openalex.org/W3035605494","https://openalex.org/W2991781269","https://openalex.org/W2963669501","https://openalex.org/W2951756867","https://openalex.org/W2760667490","https://openalex.org/W2355873265"],"abstract_inverted_index":{"The":[0,174],"use":[1,164,200],"of":[2,26,34,85,98,114,117,131,165,181,198,201,218],"file":[3,106,145],"or":[4,95],"volume":[5,62,108,118,147],"encryption":[6,202],"as":[7,74,79,226],"a":[8,61,139],"counter-forensic":[9],"technique,":[10],"particularly":[11,44],"when":[12],"combined":[13],"with":[14,71],"stegano-graphic":[15],"mechanisms,":[16,154],"depends":[17],"on":[18,112],"the":[19,24,31,93,115,132,152,157,160,178,199,216],"ability":[20],"to":[21,58,191],"plausibly":[22],"deny":[23],"presence":[25,33],"such":[27,78,225],"encrypted":[28,35,99,219],"data.":[29,229],"Establishing":[30],"likely":[32],"data":[36,73,220,224],"is":[37,168],"hence":[38],"highly":[39],"desirable":[40],"for":[41,215],"forensic":[42,53],"investigations,":[43],"if":[45],"an":[46,166],"automated":[47],"heuristic":[48],"can":[49,101],"be":[50,56,88,102],"devised.":[51],"Similarly,":[52,150,204],"analysts":[54],"must":[55],"able":[57],"identify":[59],"whether":[60],"has":[63],"been":[64,210],"sanitised":[65],"by":[66],"re-installation":[67],"and":[68,83,107,143,146,187,206],"subsequent":[69],"re-population":[70],"user":[72],"otherwise":[75],"significant":[76],"information":[77],"slack":[80,194],"space":[81,195],"contents":[82],"files":[84],"interest":[86],"will":[87],"unavailable.":[89],"We":[90],"claim":[91],"that":[92,159],"current":[94],"previous":[96],"existence":[97],"volumes":[100],"derived":[103],"from":[104,221],"studying":[105],"entropy":[109,119,148,171,196,205],"characteristics":[110],"based":[111],"knowledge":[113],"development":[116],"over":[120,138],"time.":[121],"To":[122],"validate":[123],"our":[124],"hypothesis,":[125],"we":[126,155],"have":[127,209],"examined":[128],"several":[129,182],"versions":[130],"Microsoft":[133],"Windows":[134],"operating":[135],"system":[136],"platform":[137],"simulated":[140],"installation":[141,167],"life-cycle":[142],"established":[144],"metrics.":[149],"using":[151],"same":[153],"verified":[156],"hypothesis":[158],"aging":[161],"through":[162,170],"regular":[163],"identifiable":[169],"fingerprint":[172],"analysis.":[173],"results":[175],"obtained":[176],"allow":[177],"rapid":[179],"identification":[180],"volume-level":[183],"operations":[184],"including":[185],"copying":[186],"wiping,":[188],"but":[189],"also":[190],"detect":[192],"anomalous":[193],"indicative":[197],"techniques.":[203],"randomness":[207],"tests":[208],"devised":[211],"which":[212],"provide":[213],"heuristics":[214],"differentiation":[217],"other":[222],"high-entropy":[223],"compressed":[227],"media":[228]},"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W2026552140","counts_by_year":[{"year":2015,"cited_by_count":1}],"updated_date":"2024-12-13T19:43:16.102416","created_date":"2016-06-24"}