Windows Event Forensic Process

Detailed bibliography
Title: Windows Event Forensic Process
Authors: Do, Quang; Martini, Ben; Looi, Jonathan; Wang, Yu; Choo, Kim-Kwang
Contributors: University of South Australia Adelaide; Gilbert Peterson; Sujeet Shenoi; TC 11; WG 11.9
Source: IFIP Advances in Information and Communication Technology ; 10th IFIP International Conference on Digital Forensics (DF) ; https://inria.hal.science/hal-01393763 ; 10th IFIP International Conference on Digital Forensics (DF), Jan 2014, Vienna, Austria. pp.87-100, ⟨10.1007/978-3-662-44952-3_7⟩
Publisher information: CCSD
Springer
Publication year: 2014
Subject terms: Windows event forensic process, Windows event logs, [INFO]Computer Science [cs]
Geographic subject: Vienna, Austria
Description: Part 2: Forensic Techniques ; International audience ; Event logs provide an audit trail that records user events and activities on a computer and are a potential source of evidence in digital forensic investigations. This paper presents a Windows event forensic process (WinEFP) for analyzing Windows operating system event log files. The WinEFP covers a number of relevant events that are encountered in Windows forensics. As such, it provides practitioners with guidance on the use of Windows event logs in digital forensic investigations.
Document type: conference object
Language: English
DOI: 10.1007/978-3-662-44952-3_7
Availability: https://inria.hal.science/hal-01393763
https://inria.hal.science/hal-01393763v1/document
https://inria.hal.science/hal-01393763v1/file/978-3-662-44952-3_7_Chapter.pdf
https://doi.org/10.1007/978-3-662-44952-3_7
Rights: http://creativecommons.org/licenses/by/ ; info:eu-repo/semantics/OpenAccess
Accession number: edsbas.ADB82B83
Database: BASE