Digital Evidence and Computer Crime
Digital Evidence and Computer Crime
The Windows Registry as a forensic resource
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Acquiring volatile operating system data tools and techniques
ACM SIGOPS Operating Systems Review
Automated construction of a false digital alibi
ARES'11 Proceedings of the IFIP WG 8.4/8.9 international cross domain conference on Availability, reliability and security for business, enterprise and health information systems
A survey of main memory acquisition and analysis techniques for the windows operating system
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Analysis of Internet Download Manager for collection of digital forensic artefacts
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Windows 7 registry forensic evidence created by three popular BitTorrent clients
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Computer forensic timeline visualization tool
Digital Investigation: The International Journal of Digital Forensics & Incident Response
| Hi-index | 0.00 |
In this paper we examine the use of the Windows Registry as a source of forensic evidence in digital investigations, especially related to Internet usage. We identify the sources of the information, along with the methods used and toolsets available for such examinations, and illustrate their use for recovering evidence. We highlight issues of the forensic practise related to Registry inspections and propose ideas for further improvements of the process and the tools involved.