首页> 美国政府科技报告 >Exposing Vital Forensic Artifacts of USB Devices in the Windows 10 Registry.

【24h】

Exposing Vital Forensic Artifacts of USB Devices in the Windows 10 Registry.

机译：在Windows 10注册表中公开UsB设备的重要法医伪像。

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

Digital media devices are regularly seized pursuant to criminal investigations and Microsoft Windows is the most commonly encountered platform on seized computers. Microsoft recently released a technical preview build of their Windows 10 operating system which can run on computers, smart phones, tablets, and embedded devices. This work investigated the forensically valuable areas of the Windows 10 registry. The focus was on the Windows Registry hives affected when USB storage devices are connected to a laptop configured with Windows 10. Paths were identified that indicate the date/time of last insertion and removal of a thumb drive. Live monitoring and post-mortem forensic methodologies were used to map Registry paths containing USB identifiers such as make/model information, serial numbers and GUIDs. These identifiers were located in multiple paths in the allocated and unallocated space of the Registries analyzed.

著录项

作者
Shaver, J. S.;
展开▼
作者单位

展开▼
年度 2015
页码 1-63
总页数 63
原文格式 PDF
正文语种 eng
中图分类工业技术;
关键词
Computer network security; Criminal investigations; Operating systems(computers); Computer viruses; Data storage systems; Digital systems; Homeland security; Intrusion detection(computers); Litigation; Mobile computing; Monitoring; Removal; Standardization; Statistical analysis; Theses; Windows registry; Computer forensics; Digital footprints; Usb storage devices; Malware;

机译：计算机网络安全;刑事调查;操作系统（计算机）;计算机病毒;数据存储系统;数字系统;国土安全;入侵检测（计算机）;诉讼;移动计算;监控;移除;标准化;统计分析;论文; Windows注册表;计算机取证;数字足迹; Usb存储设备;恶意软件;

相似文献

外文文献
中文文献
专利

1. The windows IconCache.db: A resource for forensic artifacts from USB connectable devices [J] . Jan Collie Digital investigation . 2013,第3a4期

机译：Windows IconCache.db：来自USB可连接设备的取证工件的资源
2. USB USB Storage Device Forensics for Windows 10 [J] . Arshad Ayesha, Iqbal Waseem, Abbas Haider Journal of forensic sciences. . 2018,第3期

机译：Windows 10的USB USB存储设备取证
3. Forensic signature for tracking storage devices: Analysis of UEFI firmware image, disk signature and windows artifacts [J] . Jeong Doowon, Lee Sangjin Digital investigation . 2019,第JUNa期

机译：用于跟踪存储设备的取证签名：UEFI固件映像，磁盘签名和Windows工件的分析
4. USB Device Forensics: Insertion and removal timestamps of USB devices in Windows 8 [C] . Swasti Bhushan Deb, Arjun Chetry 2015 International Symposium on Advanced Computing and Communication . 2015

机译：USB设备取证：Windows 8中USB设备的插入和删除时间戳记
5. USBWall: A Novel Security Mechanism to Protect Against Maliciously Reprogrammed USB Devices. [D] . Kang, Myung-gu. 2015

机译：USBWall：一种新颖的安全机制，可防止恶意重新编程的USB设备。
6. Commentary on: Rivers DB et al. Immunoassay detection of fly artifacts produced by several species of necrophagous flies following feeding on human blood. Forensic Science International: Synergy 2019;1(1):1–10 [O] . Ralph R. Ristenbatt, III 2019

机译：评论：Rivers DB等免疫分析检测几种食肉性蝇类在食用人血后产生的蝇伪迹。国际法证科学：协同效应2019; 1（1）：1-10
7. Exposing vital forensic artifacts of USB devices in the Windows 10 registry [O] . Shaver Jason S. 2015

机译：在Windows 10注册表中公开USB设备的重要取证工件

Exposing Vital Forensic Artifacts of USB Devices in the Windows 10 Registry.

摘要

著录项

相似文献

相关主题

期刊订阅