Software "Fingerprint" Database Expands

A group of computer scientists at the National Institute of Standards and Technology (NIST) has been working for more than 15 years on an impossible task: to maintain an up-to-date archive of the world’s software. Because the amount of software in circulation keeps growing, they will never enjoy the satisfaction of completing their assignment. But they have succeeded in creating the largest publicly known collection of its kind in the world.

Called the National Software Reference Library (NSRL), the collection is about to get a whole lot larger. On December 15, 2016, the NSRL expanded to include its first batch of 23,000 mobile apps for Android and iOS. Another 200,000 are expected to be added during 2017.

The NSRL is a critical tool used in law enforcement and national security investigations. Every file in the NSRL is run through a computational procedure that generates a unique digital fingerprint for that file, expressed as a string of 40 letters and numbers. NIST publishes those fingerprints in a Reference Data Set (RDS) that is updated quarterly and freely available to the public.

Software applications often include hundreds or even thousands of files—think of all the graphics files and templates that are placed on your computer when you install a word processing application. The RDS contains fingerprints for all the files in the NSRL, more than 50 million so far.

The NSRL is jointly funded by NIST and the Department of Homeland Security Science and Technology Directorate’s Cyber Forensics Project, and the addition of mobile apps was done in collaboration with their Mobile App Security R&D project.

Read the full article from NIST here.
 
Next >






Item of Interest

The language barrier between English-speaking investigators and Spanish-speaking witnesses is a growing problem. (Updated 28 February 2011)

Read more...