Windows Event Forensic Process

Bibliographic Details
Title: Windows Event Forensic Process
Authors: Do, Quang; Martini, Ben; Looi, Jonathan; Wang, Yu; Choo, Kim-Kwang
Contributors: University of South Australia Adelaide, Gilbert Peterson, Sujeet Shenoi, TC 11, WG 11.9
Source: IFIP Advances in Information and Communication Technology ; 10th IFIP International Conference on Digital Forensics (DF) ; https://inria.hal.science/hal-01393763 ; 10th IFIP International Conference on Digital Forensics (DF), Jan 2014, Vienna, Austria. pp.87-100, ⟨10.1007/978-3-662-44952-3_7⟩
Publisher Information: CCSD
Springer
Publication Year: 2014
Subject Terms: Windows event forensic process, Windows event logs, [INFO]Computer Science [cs]
Subject Geographic: Vienna, Austria
Description: Part 2: Forensic Techniques ; International audience ; Event logs provide an audit trail that records user events and activities on a computer and are a potential source of evidence in digital forensic investigations. This paper presents a Windows event forensic process (WinEFP) for analyzing Windows operating system event log files. The WinEFP covers a number of relevant events that are encountered in Windows forensics. As such, it provides practitioners with guidance on the use of Windows event logs in digital forensic investigations.
Document Type: conference object
Language: English
DOI: 10.1007/978-3-662-44952-3_7
Availability: https://inria.hal.science/hal-01393763
https://inria.hal.science/hal-01393763v1/document
https://inria.hal.science/hal-01393763v1/file/978-3-662-44952-3_7_Chapter.pdf
https://doi.org/10.1007/978-3-662-44952-3_7
Rights: http://creativecommons.org/licenses/by/ ; info:eu-repo/semantics/OpenAccess
Accession Number: edsbas.ADB82B83
Database: BASE