Guideline for forensic analysis on windows XP and vista registry

In the age of a digitalized world and people's dependence on digital systems, the need for a schedule to protect their assets is obvious. Digital hacking is always one of the hot subjects in the information security field. So many organizations need special training to be covered and protected against hackers. A...

Bibliographic Details
Main Author: Aghanvesi, Somayeh
Format: Thesis
Language: English
Published: 2008
Subjects:
Online Access: http://eprints.utm.my/id/eprint/9517/1/SomayehAghanavesiMFSKSM2008.pdf
id my-utm-ep.9517
record_format uketd_dc
spelling my-utm-ep.9517 2018-07-19T01:51:12Z Guideline for forensic analysis on windows XP and vista registry 2008-10 Aghanvesi, Somayeh QA75 Electronic computers. Computer science In the age of a digitalized world and people's dependence on digital systems, the need for a schedule to protect their assets is obvious. Digital hacking is always one of the hot subjects in the information security field. So many organizations need special training to be covered and protected against hackers. Like every crime that is investigated, hacking and digital crimes are also surveyed, and the related evidence is collected by digital investigators who are forensic specialists. Forensics is the science of collecting evidence against hackers in the digital world. The focus of this project is collecting evidence from a limited scope of the Microsoft Windows Vista and XP versions, namely their Registry platform, which is one of the areas that holds valuable information but is not considered by specialists as much as other areas because of its complexity. The registry platform is the place where Windows stores all its configurations, and it potentially holds evidence that needs to be found for the sake of forensic examination. The number of keys is large, and searching the keys is tedious work for each investigator. The keys need to be searched, analyzed, evaluated for forensic value, considered in the evidence management process and sorted in a referable manner for investigators. That is why we decided to prepare a guideline for investigators interested in looking at the evidentiary keys and their values. Also, as the second part of this guideline, we have prepared the investigation steps for the registry area with the EnCase tool, which was chosen from among the many tools currently available that have been surveyed so far.
2008-10 Thesis http://eprints.utm.my/id/eprint/9517/ http://eprints.utm.my/id/eprint/9517/1/SomayehAghanavesiMFSKSM2008.pdf application/pdf en public http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:862?site_name=Restricted Repository masters Universiti Teknologi Malaysia, Faculty of Computer Science and Information System Faculty of Computer Science and Information System
institution Universiti Teknologi Malaysia
collection UTM Institutional Repository
language English
topic QA75 Electronic computers
Computer science
spellingShingle QA75 Electronic computers
Computer science
Aghanvesi, Somayeh
Guideline for forensic analysis on windows XP and vista registry
description In the age of a digitalized world and people's dependence on digital systems, the need for a schedule to protect their assets is obvious. Digital hacking is always one of the hot subjects in the information security field. So many organizations need special training to be covered and protected against hackers. Like every crime that is investigated, hacking and digital crimes are also surveyed, and the related evidence is collected by digital investigators who are forensic specialists. Forensics is the science of collecting evidence against hackers in the digital world. The focus of this project is collecting evidence from a limited scope of the Microsoft Windows Vista and XP versions, namely their Registry platform, which is one of the areas that holds valuable information but is not considered by specialists as much as other areas because of its complexity. The registry platform is the place where Windows stores all its configurations, and it potentially holds evidence that needs to be found for the sake of forensic examination. The number of keys is large, and searching the keys is tedious work for each investigator. The keys need to be searched, analyzed, evaluated for forensic value, considered in the evidence management process and sorted in a referable manner for investigators. That is why we decided to prepare a guideline for investigators interested in looking at the evidentiary keys and their values. Also, as the second part of this guideline, we have prepared the investigation steps for the registry area with the EnCase tool, which was chosen from among the many tools currently available that have been surveyed so far.
format Thesis
qualification_level Master's degree
author Aghanvesi, Somayeh
author_facet Aghanvesi, Somayeh
author_sort Aghanvesi, Somayeh
title Guideline for forensic analysis on windows XP and vista registry
title_short Guideline for forensic analysis on windows XP and vista registry
title_full Guideline for forensic analysis on windows XP and vista registry
title_fullStr Guideline for forensic analysis on windows XP and vista registry
title_full_unstemmed Guideline for forensic analysis on windows XP and vista registry
title_sort guideline for forensic analysis on windows xp and vista registry
granting_institution Universiti Teknologi Malaysia, Faculty of Computer Science and Information System
granting_department Faculty of Computer Science and Information System
publishDate 2008
url http://eprints.utm.my/id/eprint/9517/1/SomayehAghanavesiMFSKSM2008.pdf
_version_ 1747814744792760320