基于Hadoop的高效分布式取证：原理与方法

doi:10.3969/j.issn.1000-0801.2014.01.005

Abstract

Abstract:

With the development and popularization of information technology and intelligence device, the diversity of different device making forensic analysis of existing equipment cannot meet today's networking and storage technology requirements, and exhibit complex operation, low efficiency, on high speed disk image storage and massive data correlation. An efficient distributed forensics system based on Hadoop technique, which can support multiple concurrent media scene forensics work, was designed and implemented, and through the dispatch control services would be evidence of different data storage media to a different distributed data storage server, each forensic task runtime could monopolize a forensic medium to achieve a parallel multiple media forensic analysis. Data show that responsible acknowledge duration will be 0.1 s for a 2～4 GB text file.

Key words: Hadoop, distributed system, forensic, massive data, multiple media

Songyang Wu,Xizhe Zhang,Xupeng Wang,Xiangxue Li. An Efficient Distributed Forensic System Based on Hadoop:Principle and Method[J]. Telecommunications Science, 2014, 30(1): 31-38.

Figures/Tables 13

References 16

1	Wang X Q . How to discover the truth in data. China Information Security, 2009 （11）:23～24
2	Intel Corporation. Understanding the Flash Translation Layer （FTL）Specification, December 1998
3	King C , Vidas T . Empirical analysis of solid state disk data retention when used with contemporary operating systems. Digital Investigation, 2011 （8）:111～117
4	Wikipedia Apache Hadoop.,2013
5	Analyzing big data with Hadoop, decorated a new history. , 2011
6	Zhou W C , Tao T , Boon T L , et al. Declarative secure distributed information systems. Computer Languages,Systems and Structures, 2013,39 （1）:1～24
7	Jens D , Jorge-Arnulfo . Efficient big data processing in Hadoop MapReduce. Proceedings of the VLDB Endowment, 2012,5 （12）:2014～2015
8	Prashant S , Kamalakar K . A multi-agent simulation framework on small Hadoop cluster. Engineering Applications of Artificial Intelligence, 2011,24 （7）:1120～1127
9	Wang S G , Su W , Zhu X L , et al. A Hadoop-based approach for efficient web service management. International Journal of Web and Grid Services, 2013,9 （1）:18～34
10	Wu T Y , Chen C Y , Kuo L S , et al. Cloud-based image processing system with priority-based data distribution mechanism, 2012,35 （15）:1809～1818
11	Zhao M , Mao R , Jiang R . Transparent encryption file system model based on filter driver.Computer Engineering, 2009 （15）:51
12	Kathleen E , Shrideep P . On the performance of high dimensional data clustering and classification algorithms. Future Generation Computer Systems, 2013,29 （4）:1024～1034
13	Satish N S , Pelle J , Eero V . Adapting scientific computing problems to clouds using MapReduce. Future Generation Computer Systems, 2012,28 （10）:184～192
14	Jiang D W , Deng C O , Shi L , et a. The performance of MapReduce: an in-depth study. Proceedings of the VLDB Endowment, 2010,3 （1/2）:472～483
15	Erik R . The Odd couple: hardware and software. IEEE Micro, 2012,32 （4）:2～2
16	Neal L . Bringing big analytics to the masses. Computer, 2013,46 （1）:20～23

Metrics

Recommended 0

No Suggested Reading articles found!

	核心网络/Gbit/s	数据存储/TB	搜索（2～4GB文本数据）	可用性（单个CPU最大支持文本）/GB
non-Hadoop	10	200	＞0.6s	10
Hadoop-V	8	200	～0.3s	50
Hadoop-A	10	300	～0.1s	100

取证分析	Hadoop集群耗时/s	non-Hadoop集群耗时/s
50 GB镜像（完整）	296	260
100 GB镜像（完整）	515	495
200 GB镜像（完整）	980	972
500 GB镜像（完整）	2 300	2 277
500 GB镜像（分割成10份）	362	2 287
1 TB镜像（完整）	4 534	4 494
1 TB镜像（分割成10份）	585	4 615
2 TB镜像（完整）	9 729	9 589
2 TB镜像（分割成10份）	1 070	9 709

[1]	Yuan WANG,Hao JIANG,Ming WU,Donggui YAO,Yi ZHANG,Shuwen YI,Hai WANG,Jing WU. A distributed high efficiency similarity matrix computation method based on users’ mobile network access location [J]. Telecommunications Science, 2018, 34(5): 26-38.
[2]	Chengling LI,Yuxiang ZHENG,Yiqi HONG,Wen LI,Huimin GUO. Research on the selection of grid data storage technology [J]. Telecommunications Science, 2018, 34(5): 183-191.
[3]	Wei PENG,Xiaodong HE,Xiaoming LU,Chuanxin JI. Optimization and application of the carrier DNS data analysis technology [J]. Telecommunications Science, 2018, 34(3): 138-144.
[4]	Junwen LIU,Shuo CUI,Xiaomeng LI,Zhihong LI,Yang LI. Service impact analysis and visualization display based on massive real-time monitoring data [J]. Telecommunications Science, 2018, 34(3): 192-196.
[5]	Haiyong XU,Yan HUANG. Applications of a big data platform based on PaaS [J]. Telecommunications Science, 2018, 34(1): 148-157.
[6]	Enming SHI,Xiaojun XIAO,Yu LU. Research and design of distributed high-performance network reptiles based on cloud platform [J]. Telecommunications Science, 2017, 33(8): 180-186.
[7]	Anshan PEI,Rangding WANG,Diqun YAN. Source cell-phone identification from recorded speech using non-speech segments [J]. Telecommunications Science, 2017, 33(7): 103-111.
[8]	Ai FANG,Yuzhong HANG,Xiong XU,Duo JIN. Scheme and practice of IPTV user viewing behavior analysis based on MapR [J]. Telecommunications Science, 2017, 33(2): 138-144.
[9]	Anshan PEI,Rangding WANG,Diqun YAN. Cell-phone origin identification based on spectral features of device self-noise [J]. Telecommunications Science, 2017, 33(1): 85-94.
[10]	Baoyou WANG,Jing QIAN,Shijin YUAN. Research and implementation on acquisition scheme of telecom big data based on Hadoop [J]. Telecommunications Science, 2017, 33(1): 135-142.
[11]	Nanhai LIU,Lei LEI,Rui WANG. Practice and thinking on the transition of telecom operator analysis support system in big data era [J]. Telecommunications Science, 2016, 32(8): 146-158.
[12]	Zaole TAN,Zhifeng HAO,Ruichu CAI,Xiaojun XIAO,Yu LU. Hadoop bottleneck detection algorithm based on information gain [J]. Telecommunications Science, 2016, 32(7): 115-120.
[13]	Yuanning LI,Sen LIU,Shijun ZHANG,Feng CHEN,Zhiying WANG. Practice and application of distributed data quality management system in power enterprise [J]. Telecommunications Science, 2016, 32(4): 169-174.
[14]	Huaiyu GONG,Jinsong XU,Pan WANG. An associated perception import method for big data [J]. Telecommunications Science, 2016, 32(3): 130-134.
[15]	Hongxun GU,Ke YANG. Mobile user behavior analysis system and applications based on big data [J]. Telecommunications Science, 2016, 32(3): 139-146.

An Efficient Distributed Forensic System Based on Hadoop:Principle and Method

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 13

References 16

Related Articles 15

Metrics

Recommended 0