Software "Fingerprint" Database Expands

A group of computer scientists at the National Institute of Standards and Technology (NIST) has been working for more than 15 years on an impossible task: to maintain an up-to-date archive of the world’s software. Because the amount of software in circulation keeps growing, they will never enjoy the satisfaction of completing their assignment. But they have succeeded in creating the largest publicly known collection of its kind in the world.

Called the National Software Reference Library (NSRL), the collection is about to get a whole lot larger. On December 15, 2016, the NSRL expanded to include its first batch of 23,000 mobile apps for Android and iOS. Another 200,000 are expected to be added during 2017.

The NSRL is a critical tool used in law enforcement and national security investigations. Every file in the NSRL is run through a computational procedure that generates a unique digital fingerprint for that file, expressed as a string of 40 letters and numbers. NIST publishes those fingerprints in a Reference Data Set (RDS) that is updated quarterly and freely available to the public.

Software applications often include hundreds or even thousands of files—think of all the graphics files and templates that are placed on your computer when you install a word processing application. The RDS contains fingerprints for all the files in the NSRL, more than 50 million so far.

The NSRL is jointly funded by NIST and the Department of Homeland Security Science and Technology Directorate’s Cyber Forensics Project, and the addition of mobile apps was done in collaboration with their Mobile App Security R&D project.

Read the full article from NIST here.
 
Next >






Forensic Podiatry (Part Two of Two)

THE DISCIPLINE of forensic podiatry—or, in other words, the examination of pedal evidence—has progressed significantly over the past ten years. It is no longer a question of “What can you do with a footprint?” but rather, “Who can we use to evaluate the footprint?” Cases involving pedal evidence, especially bloody footprints and issues of determining shoe sizing or fit issues compared to questioned footwear, have become more common over the past two or three years.

Read more...