THE PROCESS

 SourceForge.net Logo

Peek Inside uses dynamic meta-data that behaves similarly to XML "inside and out" for handling information.  The process of examining the computer involves loading the contents of all the directories and then validating the facts.  Although this is a lossless method of handling the information, it also is a resource-intensive method of investigation.

Step 0:  Determine the size of the task for the progress bar

Step 1:  Load the first 1K of all the files on the system, check against the Magic Bytes to validate the file contents and assign file type by Magic Bytes + File Extension.

Step 2:  Perform re-adjustment of validation types by performing logical assumptions.

Step 3:  Grouping of Files is performed to assign relationships to groups.  For example, Microsoft Windows goes in one group, ICQ in another group, etc.

Step 4:  Reduction takes place at this point where any "uninteresting" files are eliminated.

Step 5:  Reaffirmation is a stage where the ASCII files are searched for something to determine their actual nature.

Step 6:  Classification phase is where each of the files is assigned interest values based on an expert engine criteria.

Step 7:  Database hash matching for anything that may be of interest.

Step 8:  Reporting phase.