A Meta-Heuristic Method for Reassemble Bifragmented Intertwined JPEG Image Files in Digital Forensic Investigation

A Meta-Heuristic Method for Reassemble Bifragmented Intertwined JPEG Image Files in Digital Forensic Investigation

Traditional image recovery from corrupted file systems plays a significant role in Digital Forensics investigation. The images are mainly considered objective court evidence. Since the JPEG image format is less structured than other image formats (e.g., BMP, PNG, GIF, and TIFF), its recovery is more...

Full description

Saved in:
Bibliographic Details
Published in:IEEE access Vol. 11; pp. 111789 - 111800
Main Authors: Ali, Rabei Raad, Mohamad, Kamaruddin Malik Bin, Mostafa, Salama A., Zebari, Dilovan Asaad, Jubair, Mohammed Ahmed, Alouane, M. Turki-Hadj
Format: Journal Article
Language:English
Published: Piscataway IEEE 2023
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Subjects:
Biological cells
coherence of Euclidean distance
Computer forensics
Cost function
Datasets
DFRWS datasets
Digital forensic
Digital forensics
Digital imaging
Euclidean distance
Euclidean geometry
Forensic computing
genetic algorithm
Genetic algorithms
Heuristic methods
Image compression
image recovery
JPEG image
meta-heuristic
Metaheuristics
Optimization
reassemble images
Recovery
restart marker
Sociology
Statistics
Transform coding
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Traditional image recovery from corrupted file systems plays a significant role in Digital Forensics investigation. The images are mainly considered objective court evidence. Since the JPEG image format is less structured than other image formats (e.g., BMP, PNG, GIF, and TIFF), its recovery is more challenging. The paper's main objective is to apply a metaheuristic optimization algorithm with similarity metric to recover Bifragmented intertwined JPEG images. We propose a new method known as Meta-Heuristic Reassemble Images (MHRI) for forensic recovery of Bifragmented intertwined JPEG images in the scan area, where all the fragments are in a linear order. The contribution of this paper lies in the following key components composing the MHRI method: 1) restart marker to remove some strange blocks from the scan area; 2) coherence of Euclidean Distance metric (CoEDm) to detect the fragmentation point of intertwined JPEG image; and 3) genetic Algorithm with cost function to predict if every two blocks are sequenced in the same image that searches for the best reassembly solution among the existing solutions. The MHRI method is implemented using MATLAB and tested using public datasets of 25 JPEG images and private dataset of 6 JPEG images. The MHRI process can fully recover all the Bifragmented intertwined JPEG images and 48.4% of all the JPEG images, which comparably performs better than similar methods.
ISSN:2169-3536
2169-3536
DOI:10.1109/ACCESS.2023.3321680