Sign In

Communications of the ACM

ACM TechNews

Database of Software 'fingerprints' Expands to Include Mobile Apps

A digital fingerprint.

Every file in the National Software Reference Library is run through a computational procedure that generates a unique digital fingerprint for that file.

Credit: Titima Ongkantong/

U.S. National Institute of Standards and Technology (NIST) researchers have spent 15 years maintaining an archive of the world's software.

The National Software Reference Library (NSRL) is set to be expanded to include the first batch of 23,000 mobile applications for Android and iOS, while another 200,000 should be added in 2017.

Every file is run through a procedure that generates a unique digital fingerprint for that file, expressed as a string of 40 letters and numbers. NIST publishes those fingerprints in a publicly available Reference Dataset (RDS) that is updated quarterly. The RDS contains fingerprints for all of the more than 50 million files in the NSRL, which is a critical tool used in law enforcement and national security investigations.

"When we seize a computer or hard drive as part of an investigation, we need to eliminate files that are irrelevant to our investigation and focus on those that might contain evidence," says Sam Brothers, a digital protection specialist with U.S. Customs and Border Protection. He notes RDS "allows us to separate the wheat from the chaff very quickly."

The NIST researchers who maintain NSRL and RDS prioritize the software investigators are most likely to encounter in the field.

From NIST News
View Full Article


Abstracts Copyright © 2016 Information Inc., Bethesda, Maryland, USA


No entries found