Program execution analysis in Windows: A study of data sources, their format and comparison of forensic capability
B Singh, U Singh - Computers & Security, 2018 - Elsevier
Nowadays, perpetrators of the crimes are more forensic-aware than ever and take
preventive measures to limit or delete the program execution artifacts. Also, analysts are …
preventive measures to limit or delete the program execution artifacts. Also, analysts are …
[PDF][PDF] Program Execution Analysis using UserAssist Key in Modern Windows.
B Singh, U Singh - SECRYPT, 2017 - scitepress.org
The construction of user activity timeline related to digital incident being investigated is part
of most of the forensic investigations. Sometimes, it is desirable to know the programs …
of most of the forensic investigations. Sometimes, it is desirable to know the programs …
[PDF][PDF] Utilizing program's execution data for digital forensics
ZA Al-Sharif - The Third International Conference on Digital …, 2016 - researchgate.net
Criminals use computers and software to perform their crimes or to cover their misconducts.
Main memory or RAM encompasses vibrant information about a system including its active …
Main memory or RAM encompasses vibrant information about a system including its active …
A proactive malicious software identification approach for digital forensic examiners
Digital investigators often get involved with cases, which seemingly point the responsibility
to the person to which the computer belongs, but after a thorough examination malware is …
to the person to which the computer belongs, but after a thorough examination malware is …
Leveraging the windows amcache. hve file in forensic investigations
B Singh, U Singh - Journal of Digital Forensics, Security and …, 2016 - commons.erau.edu
The Amcache. hve is a registry hive file that is created by Microsoft® Windows® to store the
information related to execution of programs. This paper highlights the evidential potential of …
information related to execution of programs. This paper highlights the evidential potential of …
[PDF][PDF] Digital forensics through application behavior analysis
S Rahman, MNA Khan - … Journal of Modern Education and Computer …, 2016 - academia.edu
The field of digital forensic analysis has emerged in the past two decades to counter the
digital crimes and investigate the modus operandi of the culprits to secure the computer …
digital crimes and investigate the modus operandi of the culprits to secure the computer …
[PDF][PDF] Fundamentals of static malware analysis: principles, methods and tools
A Fedák, J Štulrajter - Science & Military Journal, 2020 - sm.aos.sk
Nowadays, the security of all systems connected to the public network is severely tested.
Most users try to protect themselves against many abusive practices by using many security …
Most users try to protect themselves against many abusive practices by using many security …
[图书][B] Operating system forensics
R Messier - 2015 - books.google.com
Operating System Forensics is the first book to cover all three critical operating systems for
digital forensic investigations in one comprehensive reference. Users will learn how to …
digital forensic investigations in one comprehensive reference. Users will learn how to …
An investigation into the forensic implications of the Windows 10 operating system: recoverable artefacts and significant changes from Windows 8.1
D Hintea, R Bird, M Green - International Journal of …, 2017 - inderscienceonline.com
With the release of Microsoft's latest operating system, Windows 10, forensic investigators
must examine it in order to determine the changes implemented from Windows 8.1 and the …
must examine it in order to determine the changes implemented from Windows 8.1 and the …
Live forensics of software attacks on cyber–physical systems
Abstract Increasingly, Cyber–physical Systems are expected to operate in different
environments and interconnect with a diverse set of systems, equipment, and networks. This …
environments and interconnect with a diverse set of systems, equipment, and networks. This …