Using Convolutional Neural Networks to Detect Compression Algorithms

TL;DR

This paper demonstrates how convolutional neural networks can effectively identify different compression algorithms used on file fragments, aiding digital forensic analysis.

Contribution

It introduces a CNN-based approach to classify compression algorithms, addressing a gap in digital forensics literature.

Findings

Accurately identified compress, lzip, and bzip2 algorithms

Used a dataset of files compressed with various algorithms

Showed CNN's effectiveness in compression algorithm detection

Abstract

Machine learning is penetrating various domains virtually, thereby proliferating excellent results. It has also found an outlet in digital forensics, wherein it is becoming the prime driver of computational efficiency. A prominent feature that exhibits the effectiveness of ML algorithms is feature extraction that can be instrumental in the applications for digital forensics. Convolutional Neural Networks are further used to identify parts of the file. To this end, we observed that the literature does not include sufficient information about the identification of the algorithms used to compress file fragments. With this research, we attempt to address this gap as compression algorithms are beneficial in generating higher entropy comparatively as they make the data more compact. We used a base dataset, compressed every file with various algorithms, and designed a model based on that. The used model was accurately able to identify files compressed using compress, lzip and bzip2.