Case based interpretation of windows 10 registry forensics
With the advancement in computer technologies, cybercrimes advanced too. As in today’s world, the technology knowledge to attack a computer is less than ever, with the help of advanced tools that do most of the work. Digital forensic investigations are crucial in solving this type of crime, and i...
Main Authors: | , |
---|---|
Format: | Article |
Published: |
International Journal of Innovative Computing
2018
|
Subjects: | |
Online Access: | http://eprints.utm.my/id/eprint/82202/ https://doi.org/10.11113/ijic.v8n1.165 |
Institution: | Universiti Teknologi Malaysia |
id |
my.utm.82202 |
---|---|
record_format |
eprints |
spelling |
my.utm.822022019-11-10T01:16:41Z http://eprints.utm.my/id/eprint/82202/ Case based interpretation of windows 10 registry forensics Mat Din, Mazura Binjuraid, Hasan QA75 Electronic computers. Computer science International Journal of Innovative Computing 2018 Article PeerReviewed Mat Din, Mazura and Binjuraid, Hasan (2018) Case based interpretation of windows 10 registry forensics. International Journal of Innovative Computing, 8 (1). pp. 43-47. ISSN 2180-4370 https://doi.org/10.11113/ijic.v8n1.165 DOI: 10.11113/ijic.v8n1.165 |
institution |
Universiti Teknologi Malaysia |
building |
UTM Library |
collection |
Institutional Repository |
continent |
Asia |
country |
Malaysia |
content_provider |
Universiti Teknologi Malaysia |
content_source |
UTM Institutional Repository |
url_provider |
http://eprints.utm.my/ |
topic |
QA75 Electronic computers. Computer science |
description |
With the advancement in computer technologies, cybercrimes advanced too. As in today’s world, the technology knowledge to attack a computer is less than ever, with the help of advanced tools that do most of the work. Digital forensic investigations are crucial in solving this type of crime, and they must be done professionally. Computer registries play a big part in the digital forensic investigation; they can help find artifacts that are left by the cybercrimes, dates of the crimes on the computer system and the user at the time of the crime. In this research, interpretation of these artifacts is the main focus; committees and jurors are the focus of the interpretations of the registries. Two types of cases are subject to investigation in this research. The first is BitTorrent clients’ use for downloading illegal or copyrighted content, and three clients are chosen for this digital forensic investigation: uTorrent, Vuze and BitComet. Theft using USB storage devices is the second type of case, where there are three types of USB devices: Mass Storage Class, Picture Transfer Protocol and Media Transfer Protocol. Each type of USB device leaves different artifacts behind during insertion and removal. A web-based dashboard will be developed to help with the process of interpreting the artifacts found in the registry of the computer system. A categorization process of each cybercrime case will be conducted to evaluate the severity of the case depending on the artifacts found in the digital forensics investigation process. The research methodology will consist of three phases. The first phase will be information gathering, including literature review, requirements gathering and dataset gathering for the research. Performing digital forensics analysis will be the second phase, and it includes planning, identification and reconnaissance. The last phase will include result analysis and discussion. |
format |
Article |
author |
Mat Din, Mazura Binjuraid, Hasan |
author_sort |
Mat Din, Mazura |
title |
Case based interpretation of windows 10 registry forensics |
publisher |
International Journal of Innovative Computing |
publishDate |
2018 |
url |
http://eprints.utm.my/id/eprint/82202/ https://doi.org/10.11113/ijic.v8n1.165 |
_version_ |
1654960007160004608 |