Windows registry analysis for forensic purpose / Riziana Ibrahim
The cyber attack is a severe attack that might cause harm especially to the big organization. It is therefore the attacks need to be fight and stop. The attack comes in various approach and forms. One of it is through the channel of remote access. Many organizations nowadays had allowed the remote a...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2012
|
| Subjects: | |
| Online Access: | https://ir.uitm.edu.my/id/eprint/63019/1/63019.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my-uitm-ir.63019 |
|---|---|
| record_format |
uketd_dc |
| spelling |
my-uitm-ir.630192022-08-03T04:49:03Z Windows registry analysis for forensic purpose / Riziana Ibrahim 2012 Ibrahim, Riziana Forensic Medicine. Medical jurisprudence. Legal medicine The cyber attack is a severe attack that might cause harm especially to the big organization. It is therefore the attacks need to be fight and stop. The attack comes in various approach and forms. One of it is through the channel of remote access. Many organizations nowadays had allowed the remote access due to the flexibility of their staffs working from home. Without conscious on the vulnerability, this organization continues to be susceptible to attack. Attacks can be initiated either by insider or outsider. The insider of course will have much more advantage assuming that they already know the organization's structure and passwords to the machine. One of the attacks that are top to be planted on the machine is spyware. This spyware is very useful to the attacker and very harmful to the machine's owner. In the event of an attack, an investigation must be carried out. The main purpose of investigation is to inspect the illegal activities and to get the potential evidence. In this study, Windows registry analysis was made on the Windows 7 Home Enterprise (32 bit) platform. The study was focused to identify the existence of unwanted application of the Virtual Network Computing (VNC) and keylogger application. The outcome of this study is the artifacts of the registry values in correlation to the user activities. 2012 Thesis https://ir.uitm.edu.my/id/eprint/63019/ https://ir.uitm.edu.my/id/eprint/63019/1/63019.pdf text en public masters Universiti Teknologi MARA Faculty of Computer and Mathematical Sciences |
| institution |
Universiti Teknologi MARA |
| collection |
UiTM Institutional Repository |
| language |
English |
| topic |
Forensic Medicine Medical jurisprudence Legal medicine |
| spellingShingle |
Forensic Medicine Medical jurisprudence Legal medicine Ibrahim, Riziana Windows registry analysis for forensic purpose / Riziana Ibrahim |
| description |
The cyber attack is a severe attack that might cause harm especially to the big organization. It is therefore the attacks need to be fight and stop. The attack comes in various approach and forms. One of it is through the channel of remote access. Many organizations nowadays had allowed the remote access due to the flexibility of their staffs working from home. Without conscious on the vulnerability, this organization continues to be susceptible to attack. Attacks can be initiated either by insider or outsider. The insider of course will have much more advantage assuming that they already know the organization's structure and passwords to the machine. One of the attacks that are top to be planted on the machine is spyware. This spyware is very useful to the attacker and very harmful to the machine's owner. In the event of an attack, an investigation must be carried out. The main purpose of investigation is to inspect the illegal activities and to get the potential evidence. In this study, Windows registry analysis was made on the Windows 7 Home Enterprise (32 bit) platform. The study was focused to identify the existence of unwanted application of the Virtual Network Computing (VNC) and keylogger application. The outcome of this study is the artifacts of the registry values in correlation to the user activities. |
| format |
Thesis |
| qualification_level |
Master's degree |
| author |
Ibrahim, Riziana |
| author_facet |
Ibrahim, Riziana |
| author_sort |
Ibrahim, Riziana |
| title |
Windows registry analysis for forensic purpose / Riziana Ibrahim |
| title_short |
Windows registry analysis for forensic purpose / Riziana Ibrahim |
| title_full |
Windows registry analysis for forensic purpose / Riziana Ibrahim |
| title_fullStr |
Windows registry analysis for forensic purpose / Riziana Ibrahim |
| title_full_unstemmed |
Windows registry analysis for forensic purpose / Riziana Ibrahim |
| title_sort |
windows registry analysis for forensic purpose / riziana ibrahim |
| granting_institution |
Universiti Teknologi MARA |
| granting_department |
Faculty of Computer and Mathematical Sciences |
| publishDate |
2012 |
| url |
https://ir.uitm.edu.my/id/eprint/63019/1/63019.pdf |
| _version_ |
1783735282806292480 |