Tuesday 5th November, 2013
3:00pm to 3:35pm
SIFTER is being released open-source during summer 2013, and instantiates five years of research to thematically cluster and relevancy rank string search hits. SIFTER is ‘Google’ for digital forensics investigators, enabling them to realistically conduct text-based searches. Valuable digital evidence in many cases is textual in nature, yet existing tools and approaches make it simply unrealistic to search through millions of search hits to find the couple percent that are important to the case. SIFTER is a fundamental paradigm shift in string searching for digital forensic investigators. Now they can review hits ranked based on features typically related to hit relevancy. They can also review hits clustered, individually and regionally, based on thematically related content. This enables investigators to quickly and reliably ignore remaining hits in clusters or cluster regions deemed irrelevant, or alternatively, drill down into clusters and regions to find more relevant hits when some are found. SIFTER is supported by published research, was a funded development project for real-world users, and will soon be available to users as a stand-alone tool. Developers of existing open-source and industry-leading closed-source tools will also benefit from this presentation, since the SIFTER approach can be integrated into existing tools.