Vol. 1 No. 1 (2022): Emirati Journal of Policing & Security Studies
Articles

Windows Forensics Analysis

Mariam Al Jouhi
Zayed University, Abu Dhabi, UAE
Sara Al Hosani
Zayed University, Abu Dhabi, UAE

Published 2022-10-02

Keywords

  • Digital Forensics
  • Windows Registry
  • Digital Evidence
  • Computer Investigation
  • Forensic Tools

How to Cite

Windows Forensics Analysis. (2022). Emirati Journal of Policing & Security Studies, 1(1), 4-11. https://doi.org/10.54878/jagh3855

Abstract

Computer forensics investigates crimes on digital devices, hard disks, and any other digital storage devices to determine the evidence of any unauthorized access. Forensic investigators conduct forensic analysis using different approaches (static and dynamic) and tools such as ProDiscover, EnCase, AccessData FTK, and Autopsy to guarantee the security of a system in an organization. The process requires knowledge of different registries, of the laws and regulations related to computer crimes, of the operating system (Windows, Linux, etc.), and of the network in an organization (e.g., Win NT). In this paper, we will use different forensic tools to extract forensic evidence from a Windows environment.
