Extraction and Categorisation of User Activity from Windows Restore Points

Extraction and Categorisation of User Activity from Windows Restore Points

<p class="JDFSLParagraph">The extraction of the user activity is one of the main goals in the analysis of digital evidence. In this paper we present a methodology for extracting this activity by comparing multiple Restore Points found in the Windows XP operating system. The registry...

Full description

Bibliographic Details
Main Authors: Damir Kahvedzic, Tahar Kechadi
Format: Article
Language:English
Published: Association of Digital Forensics, Security and Law 2008-12-01
Series:Journal of Digital Forensics, Security and Law
Online Access:http://ojs.jdfsl.org/index.php/jdfsl/article/view/170

Internet

http://ojs.jdfsl.org/index.php/jdfsl/article/view/170

Similar Items