XIRAF: an XML Information Retrieval Approach to Digital Forensics

This Master’s thesis addresses problems in current digital forensic investigations. It proposes the XIRAF system as a novel approach towards the integration of existing forensic analysis tools using XML technology. The concept of integrating these tools can be compared to the concept of concurrent XML hierarchies. The representation of concurrent XML has been widely studied, but concurrent XML hierarchies cause a variety of unsolved problems when such data has to be queried. Querying concurrent XML hierarchies has however many practical applications, including digital forensics, question answering, and multimedia retrieval. This thesis introduces Burkowski axis steps in XPath as a viable solution for the digital forensics application area. The steps can be used in stand-off XML annotation in which the content is separated from the annotations. This approach has many advantages over inline annotation, especially in field of digital forensics. The introduced steps have been implemented in an existing open source XQuery system called MonetDB/XQuery.