Search string support for law enforcement agents

Ignacio Perez-Ibanez, University of Rhode Island


Most digital forensic analysis tools allow the specification of search strings as regular expressions and the search for all terms included in keyword lists (for example, slang terms that criminals use to refer to certain drugs). Unfortunately, due to the combination of characters and meta-characters used in regular expressions, many agents have problems writing them. Also, it can take them years to build a solid, complete keyword list, adding a few new terms with each case that they investigate. I created a repository so that law enforcement agents can create, access, download and comment on validated search string expressions and keyword lists. I collaborated with the team from the URI Digital Forensics Center who developed a regular expression generator, so my repository is flawlessly integrated with this tool and agents can easily upload new search strings. This project has followed sound software engineering practices and the repository has been deployed in the Electronic Crime Technology Center of Excellence (ECTCoE) site of the National Institute of Justice (NIJ).

