Demystifying Windows Prefetch (solving real world security problems: hacking and protection)

The purpose of this project is to document the default behaviour of the Microsoft Windows Prefetcher and Superfetch components under the lens of digital forensics. This project covers the various limitations of the Windows Prefetcher which limit its reliability and capabilities as a forensic ar...

Bibliographic Details
Main Author: Yeoh, Jun Yi
Other Authors: Liu Yang
Format: Final Year Project
Language: English
Published: Nanyang Technological University 2022
Subjects:
Online Access: https://hdl.handle.net/10356/162393
Institution: Nanyang Technological University
id sg-ntu-dr.10356-162393
record_format dspace
spelling sg-ntu-dr.10356-162393
2022-10-18T01:52:03Z
Demystifying Windows Prefetch (solving real world security problems: hacking and protection)
Yeoh, Jun Yi
Liu Yang
School of Computer Science and Engineering
yangliu@ntu.edu.sg
Engineering::Computer science and engineering::Software::Operating systems
Bachelor of Engineering Science (Computer Science)
2022
Final Year Project (FYP)
Yeoh, J. Y. (2022). Demystifying Windows Prefetch (solving real world security problems: hacking and protection). Final Year Project (FYP), Nanyang Technological University, Singapore. https://hdl.handle.net/10356/162393
en
SCSE20-0706
application/pdf
Nanyang Technological University
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
Singapore
content_provider NTU Library
collection DR-NTU
language English
topic Engineering::Computer science and engineering::Software::Operating systems
description The purpose of this project is to document the default behaviour of the Microsoft Windows Prefetcher and Superfetch components under the lens of digital forensics. This project covers the various limitations of the Windows Prefetcher which limit its reliability and capabilities as a forensic artifact. This paper will cover the default settings bundled with various Windows editions spanning Windows 10 and 11. Next, various configuration options for Prefetcher, Superfetch and the Sysmain Service are evaluated along with their effects on the creation and retention of prefetch files. Lastly, it covers the various test cases attempted to circumvent the Prefetcher component, aiming to recreate techniques attackers may employ.
author2 Liu Yang
author_facet Liu Yang
Yeoh, Jun Yi
format Final Year Project
author Yeoh, Jun Yi
author_sort Yeoh, Jun Yi
title Demystifying Windows Prefetch (solving real world security problems: hacking and protection)
publisher Nanyang Technological University
publishDate 2022
url https://hdl.handle.net/10356/162393
_version_ 1749179232031866880