摘要
在计算机取证领域,数据碎片的取证分析已成为获取数字证据的一种重要手段。本文针对取证中数据碎片的取证问题提出了一种新的基于内容特征的数据碎片类型识别算法,该方法首先对数据碎片进行分块主成分分析PCA后,对PCA特征向量进行线性鉴别分析LDA获取组合特征向量,然后利用K最邻近KNN算法和序列最小优化SMO算法组成融合分类器,运用获取的组合特征向量对数据碎片进行分类识别。实验表明,该算法与其他相关算法相比,具有较高的识别准确率和识别速率,取得了良好的识别效果。
In the computer forensics field, the forensic analysis of data fragment has become an important means to obtain digital evidence. Aiming at the problem of data fragment forensics, this paper proposes a novel algorithm of data classification identification based on the content feature. Firstly, it makes principal component analysis (PCA) of each blocks in the data fragment; secondly, it makes linear discriminant analysis (LDA) of each PCA feature vector so as to get the combinational feature vector; finally, the author identifies the type of data fragment with the combinational fea-ture vector by using the fusion classifier of k nearest neighbor (KNN) algorithm and sequential minimal optimization algorithm (SMO). Experimental results have shown that compared with the related algorithms the proposed algorithm has better identification accuracy and identification rate which achieves better identification results.
出处
《软件》
2015年第7期21-25,共5页
Software
基金
江苏省产学研联合创新资金项目资助
项目编号:BY2014007-3
