Investigating the Artifacts Using Windows Registry and Log Files
Authors
Abstract
Cyber attacks come in various approaches and forms, either internal or external. Access from remote machines and spyware are forms of cyber attack that leave an organization susceptible to vulnerability. This paper investigates illegal activities and potential evidence of cyber attack by studying the registry on Windows 7 and the Event Log files. The aim is to trace the registry and event log artifacts left by the attacker. With the growing importance of computer security today and the seriousness of cyber crime, this paper provides a solution for investigating the artifacts left by a user that correlate with the user's activity.
Similar resources
A Review on Forensic Investigation Using Windows Registry and Event Log Files
Cyber attacks come in various approaches and forms, either internal or external. Access from remote machines and spyware are forms of cyber attack that leave an organization susceptible to vulnerability. This paper provides an investigation of illegal activities and potential evidence of cyber attack by studying the registry on Windows 7 and the Event Log files. The aim is to trace the...
Analyzing registry, log files, and prefetch files in finding digital evidence in graphic design applications
The products of graphic design applications leave behind traces of digital information which can be used during a digital forensic investigation in cases where counterfeit documents have been created. This paper analyzes the digital forensics involved in the creation of counterfeit documents. This is achieved by first recognizing the digital forensic artifacts left behind from the use of graphi...
Analyzing Registry, Log Files, and Prefetch Files in Finding Digital Evidence in Graphic Design Applications
The products of graphic design applications leave behind traces of digital information which can be used during a digital forensic investigation in cases where counterfeit documents have been created. This paper analyzes the digital forensics involved in the creation of counterfeit documents. This is achieved by first recognizing the digital forensic artifacts left behind from the use of graph...
Digital Evidence with Emphasis on Time - Improved after defence
Correlating Orphaned Windows Registry Data Structures
Recently, it has been shown that deleted entries of the Microsoft Windows registry (keys) may still reside in the system files once the entries have been deleted from the active database. Investigating the complete keys in context may be extremely important from both a Forensic Investigation point of view and a legal point of view where a lack of context can bring doubt to an argument. In this ...