Damaged backup data recovery method for Windows mobile

Jewan Bang, Changhoon Lee, Sangjin Lee, Kyungho Lee

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

Recent developments in grid and cloud computing technologies have enhanced the performance and scale of storage media. Data management and backup are becoming increasingly important in these environments. Backup systems constitute an important component of operating system security. However, it is difficult to recover backup data from an environment where the operating system does not work because the storage hardware has been damaged. This study analyzes the Volume Shadow Copy Service (VSS) used by the Windows operating system. Windows 8 has been implemented for mobile environments; hence, it could be used for data recovery from damaged mobile devices. VSS is a backup infrastructure provided by Windows that creates point-in-time copies of a volume (known as volume shadow copies). Windows Vista and later versions use this service instead of the restore point feature used in earlier versions of the operating system. The restore point feature logically copied and stored specified files, whereas VSS copies and stores only data that have changed in the volume. In a live system, volume shadow copies can be checked and recovered using built-in system commands. However, it is difficult to analyze the files stored in the volume shadow copies of a nonfunctioning system, such as a disk image, because only the changed data are stored. Therefore, this study analyzes the structure of Volume Shadow Copy (VSC) files that were logically stored. This analysis confirms the locations of the changed data and original copies by identifying a structure that stores the file data stream to file system metadata. On the basis of our research, we propose a practical application to develop tools for the recovery of snapshot data stored within the VSC files. We also present results of our successful performance test.

Original languageEnglish
Pages (from-to)875-887
Number of pages13
JournalJournal of Supercomputing
Volume66
Issue number2
DOIs
Publication statusPublished - 2013

Keywords

  • Data recovery
  • Hybrid information security
  • Mobile device
  • Windows 8

ASJC Scopus subject areas

  • Software
  • Theoretical Computer Science
  • Information Systems
  • Hardware and Architecture

Fingerprint Dive into the research topics of 'Damaged backup data recovery method for Windows mobile'. Together they form a unique fingerprint.

  • Cite this