Damaged backup data recovery method for Windows mobile

Jewan Bang, Changhoon Lee, Sangjin Lee, Kyung Ho Lee

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

Recent developments in grid and cloud computing technologies have enhanced the performance and scale of storage media. Data management and backup are becoming increasingly important in these environments. Backup systems constitute an important component of operating system security. However, it is difficult to recover backup data from an environment where the operating system does not work because the storage hardware has been damaged. This study analyzes the Volume Shadow Copy Service (VSS) used by the Windows operating system. Windows 8 has been implemented for mobile environments; hence, it could be used for data recovery from damaged mobile devices. VSS is a backup infrastructure provided by Windows that creates point-in-time copies of a volume (known as volume shadow copies). Windows Vista and later versions use this service instead of the restore point feature used in earlier versions of the operating system. The restore point feature logically copied and stored specified files, whereas VSS copies and stores only data that have changed in the volume. In a live system, volume shadow copies can be checked and recovered using built-in system commands. However, it is difficult to analyze the files stored in the volume shadow copies of a nonfunctioning system, such as a disk image, because only the changed data are stored. Therefore, this study analyzes the structure of Volume Shadow Copy (VSC) files that were logically stored. This analysis confirms the locations of the changed data and original copies by identifying a structure that stores the file data stream to file system metadata. On the basis of our research, we propose a practical application to develop tools for the recovery of snapshot data stored within the VSC files. We also present results of our successful performance test.

Original languageEnglish
Pages (from-to)875-887
Number of pages13
JournalJournal of Supercomputing
Volume66
Issue number2
DOIs
Publication statusPublished - 2013 Apr 22

Fingerprint

Recovery
Windows operating system
Grid computing
Cloud computing
Metadata
Mobile devices
Information management
Operating Systems
Hardware
Feature Point
File System
Performance Test
Snapshot
Grid Computing
Data Management
Cloud Computing
Data Streams
Mobile Devices
Infrastructure

Keywords

  • Data recovery
  • Hybrid information security
  • Mobile device
  • Windows 8

ASJC Scopus subject areas

  • Hardware and Architecture
  • Software
  • Information Systems
  • Theoretical Computer Science

Cite this

Damaged backup data recovery method for Windows mobile. / Bang, Jewan; Lee, Changhoon; Lee, Sangjin; Lee, Kyung Ho.

In: Journal of Supercomputing, Vol. 66, No. 2, 22.04.2013, p. 875-887.

Research output: Contribution to journalArticle

Bang, Jewan ; Lee, Changhoon ; Lee, Sangjin ; Lee, Kyung Ho. / Damaged backup data recovery method for Windows mobile. In: Journal of Supercomputing. 2013 ; Vol. 66, No. 2. pp. 875-887.
@article{fc1552e4922c4351b53ba5b46b5349e0,
title = "Damaged backup data recovery method for Windows mobile",
abstract = "Recent developments in grid and cloud computing technologies have enhanced the performance and scale of storage media. Data management and backup are becoming increasingly important in these environments. Backup systems constitute an important component of operating system security. However, it is difficult to recover backup data from an environment where the operating system does not work because the storage hardware has been damaged. This study analyzes the Volume Shadow Copy Service (VSS) used by the Windows operating system. Windows 8 has been implemented for mobile environments; hence, it could be used for data recovery from damaged mobile devices. VSS is a backup infrastructure provided by Windows that creates point-in-time copies of a volume (known as volume shadow copies). Windows Vista and later versions use this service instead of the restore point feature used in earlier versions of the operating system. The restore point feature logically copied and stored specified files, whereas VSS copies and stores only data that have changed in the volume. In a live system, volume shadow copies can be checked and recovered using built-in system commands. However, it is difficult to analyze the files stored in the volume shadow copies of a nonfunctioning system, such as a disk image, because only the changed data are stored. Therefore, this study analyzes the structure of Volume Shadow Copy (VSC) files that were logically stored. This analysis confirms the locations of the changed data and original copies by identifying a structure that stores the file data stream to file system metadata. On the basis of our research, we propose a practical application to develop tools for the recovery of snapshot data stored within the VSC files. We also present results of our successful performance test.",
keywords = "Data recovery, Hybrid information security, Mobile device, Windows 8",
author = "Jewan Bang and Changhoon Lee and Sangjin Lee and Lee, {Kyung Ho}",
year = "2013",
month = "4",
day = "22",
doi = "10.1007/s11227-013-0919-6",
language = "English",
volume = "66",
pages = "875--887",
journal = "The Journal of Supercomputing",
issn = "0920-8542",
publisher = "Springer Netherlands",
number = "2",

}

TY - JOUR

T1 - Damaged backup data recovery method for Windows mobile

AU - Bang, Jewan

AU - Lee, Changhoon

AU - Lee, Sangjin

AU - Lee, Kyung Ho

PY - 2013/4/22

Y1 - 2013/4/22

N2 - Recent developments in grid and cloud computing technologies have enhanced the performance and scale of storage media. Data management and backup are becoming increasingly important in these environments. Backup systems constitute an important component of operating system security. However, it is difficult to recover backup data from an environment where the operating system does not work because the storage hardware has been damaged. This study analyzes the Volume Shadow Copy Service (VSS) used by the Windows operating system. Windows 8 has been implemented for mobile environments; hence, it could be used for data recovery from damaged mobile devices. VSS is a backup infrastructure provided by Windows that creates point-in-time copies of a volume (known as volume shadow copies). Windows Vista and later versions use this service instead of the restore point feature used in earlier versions of the operating system. The restore point feature logically copied and stored specified files, whereas VSS copies and stores only data that have changed in the volume. In a live system, volume shadow copies can be checked and recovered using built-in system commands. However, it is difficult to analyze the files stored in the volume shadow copies of a nonfunctioning system, such as a disk image, because only the changed data are stored. Therefore, this study analyzes the structure of Volume Shadow Copy (VSC) files that were logically stored. This analysis confirms the locations of the changed data and original copies by identifying a structure that stores the file data stream to file system metadata. On the basis of our research, we propose a practical application to develop tools for the recovery of snapshot data stored within the VSC files. We also present results of our successful performance test.

AB - Recent developments in grid and cloud computing technologies have enhanced the performance and scale of storage media. Data management and backup are becoming increasingly important in these environments. Backup systems constitute an important component of operating system security. However, it is difficult to recover backup data from an environment where the operating system does not work because the storage hardware has been damaged. This study analyzes the Volume Shadow Copy Service (VSS) used by the Windows operating system. Windows 8 has been implemented for mobile environments; hence, it could be used for data recovery from damaged mobile devices. VSS is a backup infrastructure provided by Windows that creates point-in-time copies of a volume (known as volume shadow copies). Windows Vista and later versions use this service instead of the restore point feature used in earlier versions of the operating system. The restore point feature logically copied and stored specified files, whereas VSS copies and stores only data that have changed in the volume. In a live system, volume shadow copies can be checked and recovered using built-in system commands. However, it is difficult to analyze the files stored in the volume shadow copies of a nonfunctioning system, such as a disk image, because only the changed data are stored. Therefore, this study analyzes the structure of Volume Shadow Copy (VSC) files that were logically stored. This analysis confirms the locations of the changed data and original copies by identifying a structure that stores the file data stream to file system metadata. On the basis of our research, we propose a practical application to develop tools for the recovery of snapshot data stored within the VSC files. We also present results of our successful performance test.

KW - Data recovery

KW - Hybrid information security

KW - Mobile device

KW - Windows 8

UR - http://www.scopus.com/inward/record.url?scp=84887997261&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84887997261&partnerID=8YFLogxK

U2 - 10.1007/s11227-013-0919-6

DO - 10.1007/s11227-013-0919-6

M3 - Article

AN - SCOPUS:84887997261

VL - 66

SP - 875

EP - 887

JO - The Journal of Supercomputing

JF - The Journal of Supercomputing

SN - 0920-8542

IS - 2

ER -