Forensic Clusters Presentation at DOD CyberCrime Conference 2012

Posted on January 21st, 2012

Jon and I will be at the Department of Defense CyberCrime Conference this week presenting Forensic Clusters: Advanced Processing with Open Source Software. The session will be on Wednesday at 11 AM in the Learning Center room. We’re looking forward to hearing feedback after the session.

There’s a lot of concern in the forensics community about increasing data volumes and how we can look at less data. We believe there’s a lot of value in learning from larger data sets, and would love to speak with anyone interested in implementing large-scale processing for forensics. Please call or email us if you’re interested in meeting – we’ll be in Atlanta all week.

Here’s the description of the session:

The Sleuth Kit (TSK) is a well-known cross-platform library and set of command line tools for computer forensics. We will discuss the development and capabilities of a new open source tool and automated forensic processing system that incorporates TSK, and is built on top of Hadoop from the Apache Software Foundation. Hadoop underpins a reliable and scalable architecture very similar to that used by Google to index and categorize Internet content and is in use at many familiar companies such as Facebook and Yahoo! We have leveraged that capability to create a processing platform that works in conjunction with TSK to provide forensically sound hard drive extraction while automating forensic processes and providing safe data storage. The tool includes advanced features, such as face detection, graphics clustering, video analysis, and document clustering, and also provides an easy-to-use plugin interface for community members to extend functionality. Speeding up processes is as simple as adding another machine to the cluster, scaling as far and as fast as the user desires, not limited simply to three or four nodes. We will also demonstrate measured performance increases to be gained on different size clusters.

Be on the lookout for a Lightgrep for EnCase update very soon. While it has taken a little longer than we would have liked, we’re extremely excited about the capabilities of Lightgrep and hope you will be, too.

info@lightboxtechnologies.com
(646) 719-0317