A Log File Digital Forensic Model
Authors
Abstract
This paper describes a digital forensic model for investigating computer networks, focusing specifically on network log mining. A thorough examination of log files is needed to reveal the hidden actions of criminals in computer networks. The proposed model specifies the steps that forensic investigators can follow with regard to the extraction and examination of digital evidence from log files for use in legal proceedings.
Similar resources
Analyzing registry, log files, and prefetch files in finding digital evidence in graphic design applications
The products of graphic design applications leave behind traces of digital information which can be used during a digital forensic investigation in cases where counterfeit documents have been created. This paper analyzes the digital forensics involved in the creation of counterfeit documents. This is achieved by first recognizing the digital forensic artifacts left behind from the use of graphi...
Comparative Study and Simulation of Digital Forensic Tools
The cyber crimes such as online banking fraud, credit card theft, child pornography, intellectual property theft, identity theft, unauthorized intrusion, money laundering, digital piracy etc. are growing rapidly with technology. Desktops, smartphones, laptops, digital cameras, GPS devices and even watches can all be used to aid a fraud. All these devices leave behind a digital footprint. Gatheri...
Analyzing Registry, Log Files, and Prefetch Files in Finding Digital Evidence in Graphic Design Applications
The products of graphic design applications leave behind traces of digital information which can be used during a digital forensic investigation in cases where counterfeit documents have been created. This paper analyzes the digital forensics involved in the creation of counterfeit documents. This is achieved by first recognizing the digital forensic artifacts left behind from the use of graph...
Introducing the Microsoft Vista event log file format
Several operating systems provide a central logging service which collects event messages from the kernel and applications, filters them and writes them into log files. For more than a decade, such a system service has existed in Microsoft Windows NT. Its file format is well understood and supported by forensic software. Microsoft Vista introduces an event logging service which entirely got newly d...
Tracking Contraband Files Transmitted Using Bittorrent
This paper describes a digital forensic tool that uses an FPGA-based embedded software application to identify and track contraband digital files shared using the BitTorrent protocol. The system inspects each packet on a network for a BitTorrent Handshake message, extracts the “info hash” of the file being shared, compares the hash against a list of known contraband files and, in the event of a...