NIST Scientific and Technical Databases NIST Scientific and Technical Databases NIST Homepage Databases
Data Home

Analytical Chemistry

Atomic and Molecular Physics

Biometrics

Biotechnology

Chemical and Crystal Structure

Chemical Kinetics

Chemistry

Communications

Construction

Environmental Data

Fire

Fluids

International Trade

Law Enforcement

Materials Properties

Mathematical Databases, Software and Tools

Optical Character Recognition

Physics

Product Design

Surface Data

Text and Video Retrieval

Thermophysical and Thermochemical

 

 thin vertical line


NIST Special Database 28

National Software Reference Library (NSRL)

 Price: $90.00  for an annual subscription (quarterly releases)  Link to the Online Purchase Order FormLink to a FAX or Mail Order Form

A collaboration of the National Institute of Standards and Technology (NIST), the National Institute of Justice (NIJ), the Federal Bureau of Investigation (FBI), the Defense Computer Forensics Laboratory (DCFL),the U.S. Customs Service, software vendors, and state and local law enforcement organizations, the NSRL is a tool to assist in fighting crime involving computers.

The National Software Reference Library (NSRL) is an example of the application of technology to investigate crimes involving computers, such as child pornography, racketeering, cyber-attacks, illegal gambling,Internet fraud, and software piracy.

The NSRL encompasses a repository of all types of software, from operating systems, to vertical applications, to database management systems, to graphics packages, to games, to everything in between.

It also includes a database of file profiles, i.e., "software fingerprints," that can be used to identify known and unknown files on computers, diskettes, magnetic tapes, CDs, etc., that have been seized pursuant to investigation.

The files that make up each software package are analyzed to collect profile information, such as file name, directory name, file size, and version.

The "software fingerprints" are hexadecimal character strings derived from complicated standard equations and algorithms applied to the contents of each file.

Each "fingerprint" is unique to a specific file and can be used to determine if-

  • A file has been altered.
  • A file has been renamed or other means to hide it have been attempted.
  • A file is what it purports to be.
  • A file is missing when it should be found.
  • A file is actually present on a disk.

The NSRL can save an investigator hundreds of hours in an investigation. A single computer or hard disk drive can contain between 10,000 and 50,000 individual files, each of which must be examined for probative value. If multiple computers, disk drives, magnetic tapes, or other media are involved, the staff hours could reach into the thousands and take months to finish.

The NSRL can reduce the time it takes to investigate each computer by 40 to 95 percent, depending on the contents of the file system.

It does this by allowing the investigator to weed out those files that are known, i.e., have known profiles and fingerprints in our database. The investigator can then concentrate on the unknown files.

NIST produces the NSRL using state-of-the-art software and computers to verify the fingerprints of each software package.

The database of file profiles and fingerprints is periodically stored on a CD and shipped to those organizations that have paid for an annual subscription to updates.

The database is known as the NSRL Reference Data Set (RDS) and is used in various products associated with computer crime investigations. It may be freely copied and distributed by any organizations.

NIST applies a digital signature to each update of the RDS to enable the database to be verified that it is correct and was produced by NIST. If any modifications are made to the database, the signature will be different and show that modifications have been made.

For more information on NIST's redistribution policy for NSRL, click here

Price: $90.00  for an annual subscription (quarterly releases)  Link to Online Purchase Order Form Link to FAX and Mail Order Form

For ordering information contact:

Standard Reference Data
National Institute of Standards and Technology
100 Bureau Dr., Stop 2300
Gaithersburg, MD 20899-2310
Voice: (301)975-2008
Email: Contact Us
FAX: 301-926-0416

Technical contact:

Douglas R. White
NIST North (820), Room 584
100 Bureau Drive, Stop 8970
Gaithersburg, MD 20899-8970
Email(w):nsrl@nist.gov
Voice(301) 975-4761

Keywords: crime, computers, law enforcement, software, database management, graphics, file profiles, software fingerprints, investigation, NIST, NIJ, FBI, DCFL, US Customs Service

[Online Databases] [New and Updated Databases]
[Database Price List] [JPCRD] [CODATA] [FAQ] [Comments] [NIST] [Data]

Create Date: 6/02
Last Update: Friday, 20-Jun-08 15:01:12
Contact Us