Hey everyone, Trey Amick here. And today I’m going to highlight recent updates to Magnet AI for use in AXIOM and AXIOM Cyber.
Examiners have long since wished for an easy way to remove icons and system images from data sets to really help cut through some of the junk and noise they see when they’re reviewing media. Now with AXIOM and AXIOM Cyber, you can do just that.
Starting an AXIOM process, I’ve loaded in a file system iOS image, and I’m going to navigate down to “Categorize pictures and videos”. Now that we’re on the “Categorize pictures and videos” screen, I’m going to simply just navigate down to the “Icon” section and enable that for processing.
This will automatically kick off processing for Magnet AI after the initial case analysis has been completed. Or another way of running Magnet AI is directly from within AXIOM Examine. So, let’s take a look at what that looks like now.
Now that we’re in AXIOM Examine, I can simply navigate up to process “Categorize pictures with Magnet AI”. This will give me a quick prompt on how much space will be required for this analysis. I’ll click “Next”, and then once again, I can simply just navigate down and select the icons for processing. I’m going to go ahead and exit out of this because I’ve actually already run the icons list for this case.
So, let’s take a look at that. So, as you can see here, we have Magnet AI categorization listed here, and we have approximately 49,000 hits from the possible icons. Let’s take a look at what that looks like in the “Artifact” view.
Now that’s selected the hyperlink, I can simply just go from “Column” view onto “Thumbnail” view, and this will give us an idea of what the possible icons were that we hit on. And as you can see here it did a great job on a lot of stuff that would just be typical noise that we’d have to review through as part of our case processing.
But I want to be able to see all the images that aren’t tagged as icons. So very easily, I’m just going to simply navigate up and I’m going to de-select “Possible icons” here, and I’m going to select “Untagged items” instead. So, this will remove all the icons that we’ve already tagged with Magnet AI.
Now that we’ve de-selected “Possible icons” and selected “Untagged items”, you can see here very quickly, these are the files that I will need to review for additional analysis as a part of my media grading. With this new Magnet AI filter, this really eliminated 30,000 hits for me very, very quickly, so that’s, you know, 30,000 less things that I have to review, you know, based on this.
So, thinking about really getting the most out of your time and your effort when you are doing your case analysis, this can really expedite that and help you clear out that clutter that you would typically have to review. And here you can see I’ve selected a video, we’ve got the quick preview and we can also come down and hit the “Play” button as well for this file.
So, keep this in mind when you’re doing your media investigations, and make sure to run possible icons from within Magnet AI to help clean out that clutter. We’ll see you next time. Thanks.
