15
National Software Reference Library Douglas White

National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

  • Upload
    others

  • View
    22

  • Download
    0

Embed Size (px)

Citation preview

Page 1: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

National Software Reference Library

Douglas White

Page 2: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

Disclaimer / Disclosure

Trade names and company products are mentioned in the text or identified. In no case does such identification imply recommendation or endorsement by the National Institute of Standards and Technology, nor does it imply that the products are necessarily the best available for the purpose.

This research was funded by the National Institute of Standards and Technology Office of Law Enforcement Standards, the Department of Justice National Institute of Justice, the Federal Bureau of Investigation and the National Archives and Records Administration.

Page 3: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

National Software Reference Library

Page 4: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating
Page 5: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

National Software Reference Library

Page 6: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

National Software Reference Library

Page 7: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

National Software Reference Library

Page 8: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

National Software Reference Library

Page 9: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

National Software Reference Library

14,320 Applications2,281 Manufacturers

696 Operating Systems30,193,306 Unique Files (corpus)

37,827,886 Unique Files (DB)192,090,545 File Records

Many Registry entries

Shrinkwrapped & “Clickwrapped” products

Mobile device apps, iOS & AndroidScope: free, popular apps

Page 10: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

National Software Reference Library

x = int(log(bytes)/log(2)) , y = count of filesMajority are between 1024 and 8192 bytes

Page 11: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

National Software Reference Library

4,653,105 .GIF2,852,898 .HTML2,334,990 .CLASS1,768,049 .HTM1,492,402 .JPG1,070,950 .PNG1,050,296 .WMF1,026,247 .C 962,059 .H 907,594 .DLL 537,649 .EPS 524,945 .XML 402,867 .WAV 341,116 .TXT 331,244 .EXE

Page 12: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

National Software Reference Library

RDS – SHA1, MD5, CRC32Additionally: SHA256, SHA512, SHA3 (upon FIPS)Block hashesBulk_extractorApproximate matching : SP 800-168

http://csrc.nist.gov/publications/PubsSPs.html

Corpus of unique filesCollection of media (disk) imagesPhotographs of materials

Installation in virtual machinesMemoryRegistryNetwork

Page 13: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

National Software Reference Library

Taxonomy of applications, OSes

Automated identification: SWIDTags (ISO 19770)

Interoperability with National Vulnerability Database

CYBOX, DFXML

Page 14: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

Contacts

Barbara Guttman, Software and Systems [email protected]

Douglas White, [email protected] -or- [email protected]

www.nsrl.nist.gov

Susan Ballou, Office of Law Enforcement StandardsRep. For State/Local Law Enforcement

[email protected]

Page 15: National Software Reference Library - DFRWSold.dfrws.org/.../presentations/DFRWS2014-pres1.pdfNational Software Reference Library 14,320 Applications 2,281 Manufacturers 696 Operating

National Software Reference Library


Narrative for Planning · Web viewReal Estate and Rental and Leasing 788 $420 $4,310,012 0.9% Professional, Scientific & Technical Services 2,281 $770 $22,846,149 2.7% Management of

Narrative for Planning · Web viewReal Estate and Rental and Leasing 788 $420 $4,310,012 0.9% Professional, Scientific & Technical Services 2,281 $770 $22,846,149 2.7% Management of

Documents
131,922 125,678 14,320. 89% - tccb.gov.tr · 2021. 2. 4. · Bank Asya Data Examination System ..... 14 3.3. An Example Of Inquiry Concerning The Information On The Credit Use By

131,922 125,678 14,320. 89% - tccb.gov.tr · 2021. 2. 4. · Bank Asya Data Examination System ..... 14 3.3. An Example Of Inquiry Concerning The Information On The Credit Use By

Documents
Enabling Digital Forensics Practices in Libraries ...old.dfrws.org/2014/proceedings/presentations/DFRWS2014-pres4.pdf · Chain of Custody • “Succession of offices or persons who

Enabling Digital Forensics Practices in Libraries ...old.dfrws.org/2014/proceedings/presentations/DFRWS2014-pres4.pdf · Chain of Custody • “Succession of offices or persons who

Documents
Unlocking the potential of energy efficiency within local ... · replacing 2,281 existing street lights with energy efficient LED (Light Emitting Diode) lamps . This number was revised

Unlocking the potential of energy efficiency within local ... · replacing 2,281 existing street lights with energy efficient LED (Light Emitting Diode) lamps . This number was revised

Documents
14,320 12,420 1,612 653 465 158 81 1 - New Beginningsnewbeginmaine.org/wp-content/uploads/2014/06/New...From the Executive Director Dear Friends of New Beginnings, One of the things

14,320 12,420 1,612 653 465 158 81 1 - New Beginningsnewbeginmaine.org/wp-content/uploads/2014/06/New...From the Executive Director Dear Friends of New Beginnings, One of the things

Documents
t P r e v enti o n e f A h u h o t u A PA t i o y AT · Mr. Fausto Martin Ms. Laura Pierman Vice President and Chief Claims Officer Claims Facility Manager Auto ... 2011 2,281 $27,508,471

t P r e v enti o n e f A h u h o t u A PA t i o y AT · Mr. Fausto Martin Ms. Laura Pierman Vice President and Chief Claims Officer Claims Facility Manager Auto ... 2011 2,281 $27,508,471

Documents
Gain a sustainable advantage - Home | Apogee Interactive€¦ · Q9 –Please choose any updates you’ve made to your home in recent years or plan to do in the coming year. n=2,281

Gain a sustainable advantage - Home | Apogee Interactive€¦ · Q9 –Please choose any updates you’ve made to your home in recent years or plan to do in the coming year. n=2,281

Documents
Informaon)Assurance) in)a Distributed)Forensic) Cluster)old.dfrws.org/.../presentations/DFRWS2014-pres3.pdf · 2014-08-09 · Informaon)Assurance) in)a Distributed)Forensic) Cluster))

Informaon)Assurance) in)a Distributed)Forensic) Cluster)old.dfrws.org/.../presentations/DFRWS2014-pres3.pdf · 2014-08-09 · Informaon)Assurance) in)a Distributed)Forensic) Cluster))

Documents
JOIN ASIA’S LARGEST FOOD INNOVATION EXHIBITION · 2017-03-14 · · World’s biggest exporter ($2,281 billion in 2015) and largest importer ($1,681 billion in 2015) · World's

JOIN ASIA’S LARGEST FOOD INNOVATION EXHIBITION · 2017-03-14 · · World’s biggest exporter ($2,281 billion in 2015) and largest importer ($1,681 billion in 2015) · World's

Documents
防災拠点となる公共施設等の耐震化推進状況調査結果123 951 379 507 65 172 2,281 84.7% 90.6% 3 岩手県 2,342 1,445 897 718 324 310 84 179 2,079 80.0% 88.8% 4

防災拠点となる公共施設等の耐震化推進状況調査結果123 951 379 507 65 172 2,281 84.7% 90.6% 3 岩手県 2,342 1,445 897 718 324 310 84 179 2,079 80.0% 88.8% 4

Documents
Resilience continues Rs 166 Rs 250 ( Emkay Click here to ... Tech_Q1F… · (Emkay) (Consensus) (Emkay) (Consensus) Sales 14,320 14,469 14,653 -1% -2% Revenue came in line with our

Resilience continues Rs 166 Rs 250 ( Emkay Click here to ... Tech_Q1F… · (Emkay) (Consensus) (Emkay) (Consensus) Sales 14,320 14,469 14,653 -1% -2% Revenue came in line with our

Documents
SCHOOL DISTRICT LONG-TERM FACILITY PLAN Putting the … Plan... · 2012-09-28 · Neighbourhood & Area Structure Plan 1,365 4,223 3,832 4,900 14,320 19,560 Proposed ... •Will decline

SCHOOL DISTRICT LONG-TERM FACILITY PLAN Putting the … Plan... · 2012-09-28 · Neighbourhood & Area Structure Plan 1,365 4,223 3,832 4,900 14,320 19,560 Proposed ... •Will decline

Documents
CHAMPAIGN, IL · 1,392 SF 1,440 SF 3,118 SF 3,000 SF 1,600 SF 2,170 SF 2,110 SF 2,281 SF 4,755 SF 2,229 SF 3,670 SF Leased Ultimate Tan Pancake House Banquet Center Smoothie King

CHAMPAIGN, IL · 1,392 SF 1,440 SF 3,118 SF 3,000 SF 1,600 SF 2,170 SF 2,110 SF 2,281 SF 4,755 SF 2,229 SF 3,670 SF Leased Ultimate Tan Pancake House Banquet Center Smoothie King

Documents
British Columbia...70 412 3 6,673 2,281 8,954 7,272 16,226 EARNINGS (in $000) YEAR ENDED MARCH 31 REVENUE Investment income Interest income EXPENSES Advertising and promotion ... The

British Columbia...70 412 3 6,673 2,281 8,954 7,272 16,226 EARNINGS (in $000) YEAR ENDED MARCH 31 REVENUE Investment income Interest income EXPENSES Advertising and promotion ... The

Documents
VBECS user guide - United States Department of … · Web view... 2,234, 2,257, 2,259, 2,261, 2,262, 2,263, 2,270, 2,273, 2,281, 2,282, 2,286, 2,295, 2,309, 2,310, 2,318, 2,330, 2,337,

VBECS user guide - United States Department of … · Web view... 2,234, 2,257, 2,259, 2,261, 2,262, 2,263, 2,270, 2,273, 2,281, 2,282, 2,286, 2,295, 2,309, 2,310, 2,318, 2,330, 2,337,

Documents
RE(:)&go - Center for Computation and Technologygolden/Materials/DFRWS2014-GO... · 2017. 1. 9. · Golden G. Richard III University of New Orleans and Arcane Alloy, LLC golden@cs.uno.edu

RE(:)&go - Center for Computation and Technologygolden/Materials/DFRWS2014-GO... · 2017. 1. 9. · Golden G. Richard III University of New Orleans and Arcane Alloy, LLC [email protected]

Documents
24,553 sq ft (2,281 sq m) · 2020-05-12 · 3rd Floor Vacant 3,128 3,128 4th Floor Vacant 3,069 3,069 5th Floor Vacant 1,314 1,314 Total 24,553 FLOOR AREAS Column WCL 0.80 WHL 3.26

24,553 sq ft (2,281 sq m) · 2020-05-12 · 3rd Floor Vacant 3,128 3,128 4th Floor Vacant 3,069 3,069 5th Floor Vacant 1,314 1,314 Total 24,553 FLOOR AREAS Column WCL 0.80 WHL 3.26

Documents
In lieu of swap: Analyzing compressed RAM in Mac OS X and ...golden/Papers/DFRWS2014-1.pdfgeout.c) in the Mac OS X Mavericks kernel (Apple, 2013), illustrated in Listing 1. This function

In lieu of swap: Analyzing compressed RAM in Mac OS X and ...golden/Papers/DFRWS2014-1.pdfgeout.c) in the Mac OS X Mavericks kernel (Apple, 2013), illustrated in Listing 1. This function

Documents
$426.01 $3,800.00 $2,281 - Bozeman

$426.01 $3,800.00 $2,281 - Bozeman

Documents
 · PwC Hong Kong 3,147 Partners & Staff PwC Taiwan 2,281 Partners & Staff 2010 Green Procurement Award Taipei Municipal Environmental Protection Bureau We have 583 partners 13,775

 · PwC Hong Kong 3,147 Partners & Staff PwC Taiwan 2,281 Partners & Staff 2010 Green Procurement Award Taipei Municipal Environmental Protection Bureau We have 583 partners 13,775

Documents
JOIN ASIA’S LARGEST FOOD INNOVATION EXHIBITION · · World’s biggest exporter ($2,281 billion in 2015) and largest importer ($1,681 billion in 2015) · World's largest on-line

JOIN ASIA’S LARGEST FOOD INNOVATION EXHIBITION · · World’s biggest exporter ($2,281 billion in 2015) and largest importer ($1,681 billion in 2015) · World's largest on-line

Documents
North Essex Authorities Matter 3: Meeting housing needs (Policy … · requirement figures of 14,320 (716dpa) for Braintree, 18,400 (920dpa) for Colchester and 11,000 (550dpa) for

North Essex Authorities Matter 3: Meeting housing needs (Policy … · requirement figures of 14,320 (716dpa) for Braintree, 18,400 (920dpa) for Colchester and 11,000 (550dpa) for

Documents
The$opinions$expressed$and$materials$shared$in$this ...old.dfrws.org/2014/proceedings/presentations/DFRWS2014-pres7.pdf · Why are we talking about Arduino? $ New,$ founda1onal$ technology$

The$opinions$expressed$and$materials$shared$in$this ...old.dfrws.org/2014/proceedings/presentations/DFRWS2014-pres7.pdf · Why are we talking about Arduino? $ New,$ founda1onal$ technology$

Documents
WAVERLY WOODS VILLAGE CENTER - LoopNet€¦ · WAVERLY WOODS VILLAGE CENTER 10775 BIRMINGHAM WAY WOODSTOCK, MD 21163 WOODSTOCK 1,600 / 2,281 / 1,398 SF AVAILABLE DEMOGRAPHIC SNAPSHOT

WAVERLY WOODS VILLAGE CENTER - LoopNet€¦ · WAVERLY WOODS VILLAGE CENTER 10775 BIRMINGHAM WAY WOODSTOCK, MD 21163 WOODSTOCK 1,600 / 2,281 / 1,398 SF AVAILABLE DEMOGRAPHIC SNAPSHOT

Documents
Investor Relations · 2020. 11. 24. · 3 [억원] 3.분기별실적추이 1,997 1,939 2,328 2,155 2,386 2,339 2,716 2,281 2,376 2,891 3,624 54 22 71 10 69 82 120 16 108 114 147 70

Investor Relations · 2020. 11. 24. · 3 [억원] 3.분기별실적추이 1,997 1,939 2,328 2,155 2,386 2,339 2,716 2,281 2,376 2,891 3,624 54 22 71 10 69 82 120 16 108 114 147 70

Documents
14,320 12,420 1,612 653 465 158 81 1 - newbeginmaine.org · young people with no place to go. Ours is the last remaining shelter in Maine licensed to provide 24 hour care for children

14,320 12,420 1,612 653 465 158 81 1 - newbeginmaine.org · young people with no place to go. Ours is the last remaining shelter in Maine licensed to provide 24 hour care for children

Documents
Multidimensional investigation of source port 0 probingold.dfrws.org/2014/proceedings/DFRWS2014-13.pdf · 2014-07-26 · Multidimensional investigation of source port 0 probing Elias

Multidimensional investigation of source port 0 probingold.dfrws.org/2014/proceedings/DFRWS2014-13.pdf · 2014-07-26 · Multidimensional investigation of source port 0 probing Elias

Documents
I. CONGRESS OF THE PHILIPPINES STRATEGIC … · two-thirds of all the Members of the Senate. ... No data submitted ... PAG-IBIG Contributions 2,127 3,840 4,192 2,281 PhilHealth Contributions

I. CONGRESS OF THE PHILIPPINES STRATEGIC … · two-thirds of all the Members of the Senate. ... No data submitted ... PAG-IBIG Contributions 2,127 3,840 4,192 2,281 PhilHealth Contributions

Documents
Developing a New Digital Forensics Curriculum - …old.dfrws.org/2014/proceedings/presentations/DFRWS2014-p9.pdf1 Developing a New Digital Forensics Curriculum Anthony"Lang,"Masooda&Bashir,

Developing a New Digital Forensics Curriculum - …old.dfrws.org/2014/proceedings/presentations/DFRWS2014-p9.pdf1 Developing a New Digital Forensics Curriculum Anthony"Lang,"Masooda&Bashir,

Documents
3 1, 2 017 P a ge 1 - Burlington County Institute of Technology...Brown, Kandi Teacher Assistant HS Step 6 $16,207 11/16/17 Clark, Tami Teacher Assistant HS Step 1 $14,320 11/01/17

3 1, 2 017 P a ge 1 - Burlington County Institute of Technology...Brown, Kandi Teacher Assistant HS Step 6 $16,207 11/16/17 Clark, Tami Teacher Assistant HS Step 1 $14,320 11/01/17

Documents