Development of A Distributed Print‐Out Monitoring System for Efficient Forensic Investigation

Presenter Information

Satoshi Kai, Hitachi, Ltd., Yokohama Research Laboratory, Graduate School of Informatics, Kyoto University
Tetsutaro Uehara, Associate Professor, Academic Center for Computing and Media Studies, Kyoto UniversityFollow

Proposal / Submission Type

Peer Reviewed Paper

Location

Richmond, Virginia

Start Date

25-5-2011 3:45 PM

Abstract

If information leakage occurs, an investigator is instructed to specify what documents were leaked and who leaked them. In the present work, a distributed print-out monitoring system—which consists of a virtual printer driver and print-out policy/log management servers—was developed. For easily matching the discovered (i.e., leaked) paper document with the print-out log, the virtual printer driver acquires full-text of printed-out documents by DDI hooking technique to check the content, transforms a spool file to a picture file and creates both a thumbnail and text log for forensic investigation afterwards. The log size is as only about 0.04 times bigger than that for printed-out electronic documents, so the storage size needed for the thumbnail and text log is also small.

Keywords: Information leakage, Print-out, Digital forensics, Log, Virtual printer driver

Scholarly Commons Citation

Kai, Satoshi and Uehara, Tetsutaro, "Development of A Distributed Print‐Out Monitoring System for Efficient Forensic Investigation" (2011). Annual ADFSL Conference on Digital Forensics, Security and Law. 2.
https://commons.erau.edu/adfsl/2011/wednesday/2