Content deleted Content added
No edit summary |
Added specifics re: partners, components of the NSRL |
||
Line 10:
|website = http://www.nsrl.nist.gov/
}}
The '''National Software Reference Library''' (NSRL), is a project of the [[National Institute of Standards and Technology]] (NIST) which maintains a repository of known software, file profiles and file signatures for use by law enforcement and other organizations involved with computer forensic investigations. The project is supported by the [[United States Department of Justice]]'s [[National Institute of Justice]], the [[Federal Bureau of Investigation]] (FBI), [[Defense Computer Forensics Laboratory]] (DCFL), the [[U.S. Customs Service]], software vendors, and state and local law enforcement.<ref name=NSRL-RDS>{{cite web|title=NIST Special Database 28 (RDS)|url=http://www.nist.gov/srd/nistsd28.cfm|work=National Software Reference Library (NSRL)|publisher=[[National Institute of Standards and Technology]]|accessdate=7 April 2012}}</ref>
==Components==
The NSRL is made up of three major elements:<ref name="mead" />
# A large physical collection of commercial software packages (e.g., [[operating systems]], off-the-shelf application software;
In 2004 the NRSL released a set of hashes for verifying [[eVoting]] software, as part of the US [[Election Assistance Commission]]'s Electronic Voting Security Strategy.<ref name="cw" />▼
# A database containing detailed information, or [[metadata]], about each file that makes up each of those software packages;
# A smaller public dataset containing the most widely-used metadata for each file in the collection that is published and updated quarterly. This is called the ''Reference Data Set''.
==Reference Data Set==
The NSRL collects [[software]] from various sources and computes [[message digest]]s, or cryptographic hash values, from them. The digests are stored in the Reference Data Set (RDS) which can be used to identify "known" files on digital media. This will help alleviate much of the effort involved in determining which files are important as [[evidence]] on computers or file systems that have been seized as part of criminal investigations.<ref name="mead" /> Although the RDS hashset contains some malicious software (such as [[steganography]] and [[Hacker (computer security)|hacking]] tools) it does not contain illicit material (e.g. indecent images).
▲In 2004 the
▲NIST maintains a collection of original software media in order to provide repeatability of the calculated hash values, ensuring admissibility of this data in [[court]].
As of June 1 2010 the Reference Data Set is at version 2.29 and contains over 17 million unique hash values. The [[data set]] is available at no cost to the public.<ref name="readme" />
Line 27 ⟶ 32:
==References==
{{reflist|refs=
<ref name="mead" >{{cite journal|author=Steve Mead|title=Unique file identification in the National Software Reference Library|journal=Digital Investigation|volume=3|issue=3|month=September|year=2006|pages=138–150|issn=1742-2876Zsoi=10.1016/j.diin.2006.08.010. |url=http://www.
<ref name="readme">{{cite web|url=http://www.nsrl.nist.gov/RDS/rds_2.29/READ_ME.txt|title=RDS Readme.txt|accessdate=1 September 2010}}</ref>
<ref name="cw">{{cite web|last=Verton|first=Dan|title=Feds Issue Test Copies of E-voting Software|url=http://www.computerworld.com/s/article/97070/Feds_Issue_Test_Copies_of_E_voting_Software|publisher=Computer World|accessdate=1 September 2010}}</ref>
| |||