Timestamp Patterns in Windows Forensics

被引:0
|
作者
Luh, Robert [1 ,2 ]
Galhuber, Michael [2 ]
机构
[1] Univ Vienna, Vienna, Austria
[2] St Polten Univ Appl Sci, St Polten, Austria
来源
ERCIM NEWS | 2022年 / 129期
关键词
D O I
暂无
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
Timestamps are among the most expressive artefacts in a digital forensic investigation. Our research shows that the distinct patterns caused by the interaction with individual files can yield more insight than previously documented and enables application fingerprinting within a Windows environment through timestamps alone. Furthermore, we classify timestamp forgery tools and present a means to detect their use.
引用
收藏
页码:27 / 28
页数:2
相关论文
共 50 条
  • [41] USB Device Forensics: Insertion and Removal Timestamps of USB Devices in Windows 8
    Deb, Swasti Bhushan
    Chetry, Arjun
    2015 International Symposium on Advanced Computing and Communication (ISACC), 2015, : 364 - 371
  • [42] A study on vulnerability of the WICKR login system in windows from a live forensics perspective
    Kim, Giyoon
    Kang, Soojin
    Hur, Uk
    Kim, Jongsung
    COMPUTERS & SECURITY, 2024, 139
  • [43] AI-Driven Prioritization and Filtering of Windows Artifacts for Enhanced Digital Forensics
    Kim, Juhwan
    Son, Baehoon
    Yu, Jihyeon
    Yun, Joobeom
    Computers, Materials and Continua, 2024, 81 (02): : 3371 - 3393
  • [44] Characteristics and detectability of Windows auto-start extensibility points in memory forensics
    Uroz, Daniel
    Rodriguez, Ricardo J.
    DIGITAL INVESTIGATION, 2019, 28 : S95 - S104
  • [45] Unifying Timestamp with Transaction Ordering for MVCC with Decentralized Scalar Timestamp
    Wei, Xingda
    Chen, Rong
    Chen, Haibo
    Wang, Zhaoguo
    Gong, Zhenhan
    Zang, Binyu
    PROCEEDINGS OF THE 18TH USENIX SYMPOSIUM ON NETWORKED SYSTEM DESIGN AND IMPLEMENTATION, 2021, : 357 - 372
  • [46] Windows memory forensics: Identification of (malicious) modifications in memory-mapped image files
    Block, Frank
    FORENSIC SCIENCE INTERNATIONAL-DIGITAL INVESTIGATION, 2023, 45
  • [47] Database memory forensics: Identifying cache patterns for log verification
    Wagner, James
    Nissan, Mahfuzul I.
    Rasin, Alexander
    FORENSIC SCIENCE INTERNATIONAL-DIGITAL INVESTIGATION, 2023, 45
  • [48] Timestamp boson sampling
    Zhou, Wen-Hao
    Gao, Jun
    Jiao, Zhi-Qiang
    Wang, Xiao-Wei
    Ren, Ruo-Jing
    Pang, Xiao-Ling
    Qiao, Lu-Feng
    Zhang, Chao-Ni
    Yang, Tian-Huai
    Jin, Xian-Min
    APPLIED PHYSICS REVIEWS, 2022, 9 (03)
  • [49] Research on Timestamp in HDDBMS
    Lai, Shuang
    2008 3RD INTERNATIONAL CONFERENCE ON INTELLIGENT SYSTEM AND KNOWLEDGE ENGINEERING, VOLS 1 AND 2, 2008, : 1347 - 1351
  • [50] Timestamp as a Service, not an Oracle
    Li, Yishuai
    Zhu, Yunfeng
    Shi, Chao
    Zhang, Guanhua
    Wang, Jianzhong
    Zhang, Xiaolu
    PROCEEDINGS OF THE VLDB ENDOWMENT, 2024, 17 (05): : 994 - 1006
12345