Purdue Polytechnic Institute faculty in the Department of Computer and Information Technology have released FileTSAR+, a digital forensic evidence analyzer now used in Tippecanoe County’s High Tech Crime Unit.
Reported by Purdue Research Foundation, the team was comprised of professors Kathryn Seigried-Spellar, Marcus Rogers, John Springer and Baijian Yang. The new program is a makeover of the original FileTSAR (Toolkit for Selective Analysis and Reconstruction of Files). The end result is a much smaller file with streamlined functionality for faster and easier operation.
In terms of the program’s basic functions, FileTSAR+ and its predecessor both provided a mechanism to reconstruct and analyze multiple data types. This means that FileTSAR+ functions as a one-stop program for analyzing documents, images, email and VoIP (Voice over Internet Protocol) sessions for large-scale computer networks.
The Tippecanoe County High Tech Crime Unit (HTCU), a collaboration with Purdue, was incepted in 2011 as a way for local agencies to “combine resources to investigate cases with digital evidence. Over the last decade, law enforcement agencies recognized the value of digital evidence due to the increased use of electronic devices and social media.” FileTSAR+ is designed to be the primary analysis tool for HTCU to interpret such evidence.
While the original FileTSAR worked, it was equipped to do much more than HTCU needed. The mission for FileTSAR+ was therefore to develop a slimmer model with a much more manageable file size. “Now law enforcement agencies can download a single, 10-gigabit file and use the toolkit immediately,” Seigfried-Spellar said.
The streamlining process has made FileTSAR+ very cost-effective for law enforcement agencies. A more direct effect is that it has simply made the program a great deal more useable for individual analysts and officers.
“FileTSAR+ reduces the time and effort examining data captured over networks,” said Sean Leshney, director of digital forensics investigations at the Tippecanoe County HTCU. “We look forward to the future improvements of FileTSAR+ by Purdue University to aid in the area of network forensics.”
See the full story from the Purdue Research Foundation.
Additional information
- High-tech toolkit to analyze digital evidence made more efficient and budget-friendly for law enforcement agencies (Research Foundation News)
- FileTSAR+ download page, free to law enforcement agencies
- Tippecanoe County High Tech Crime Unit (In.gov)
- Seigfried-Spellar receives Purdue Jefferson Award
- Sharing limited forensic data could benefit citizens, law enforcement
- FileTSAR cyber toolkit helps detectives solve digital crimes
- CIT faculty aim to make big data a small issue for law enforcement