منابع مشابه
Automated Windows event log forensics
This paper proposes methods to automate recovery and analysis of Windows NT5 (XP and 2003) event logs for computer forensics. Requirements are formulated and methods are evaluated with respect to motivation and process models. A new, freely available tool is presented that, based on these requirements, automates the repair of a common type of corruption often observed in data carved NT5 event l...
متن کاملSufficiency of Windows Event Log as Evidence in Digital Forensics
The prevalence of computer and the internet has brought forth the increasing spate of cybercrime activities; hence the need for evidence to attribute a crime to a suspect. The research therefore, centres on evidence, the legal standards applied to digital evidence presented in court and the main sources of evidence in the Windows OS, such as the Registry, slack space and the Windows event log. ...
متن کاملWindows Mobile advanced forensics
Windows CE (at this moment sold as Windows Mobile) is on the market for more than 10 years now. In the third quarter of 2009, Microsoft reached a market share of 8.8% of the more than 41 million mobile phones shipped worldwide in that quarter. This makes it a relevant subject for the forensic community. Most commercially available forensic tools supporting Windows CE deliver logical acquisition...
متن کاملMessenger Forensics on Windows Vista and Windows
The purpose of this study is to identify several areas of forensic interest within the Yahoo! Messenger application, which are of forensic significance. This study focuses on new areas of interest within the file structure of Windows Vista and Windows 7. One of the main issues with this topic is that little research has been previously conducted on the new Windows platforms. Previously conducte...
متن کاملSufficiency of Windows Event log as Evidence in Digital Forensics2
The prevalence of computer and the internet has brought forth the increasing spate of cybercrime activities; hence the need for evidence to attribute a crime to a suspect. The research therefore, centres on evidence, the legal standards applied to digital evidence presented in court and the main sources of evidence in the Windows operating system, such as the Registry, slack space and the Windo...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Digital Investigation
سال: 2007
ISSN: 1742-2876
DOI: 10.1016/j.diin.2007.06.012