J Talebi
Introducing and analysis of the Windows 8 event log for forensic purposes
Talebi, J; Dehghantanha, A; Ramlan, M
Authors
A Dehghantanha
M Ramlan
Abstract
All operating systems are employing some sort of logging mechanism to track and note users activities and Microsoft Windows is not an exception. Log Analysis is one of the important parts of Windows forensics process. The Windows event log system introducing in Windows NT was released with a new feature for Microsoft Windows family and since then went through several major changes and updates. The event log experienced major updated in Windows 8. This paper first introduces Windows 8 event log format and then proceeds with explaining methods for analyzing the logs for digital investigation and incident handling. The main contributions of this paper are introducing Windows8 logging service and forensic examination of it.
Citation
Talebi, J., Dehghantanha, A., & Ramlan, M. (2015). Introducing and analysis of the Windows 8 event log for forensic purposes. In Computational Forensics (145-162). Lecture Notes in Computer Science. https://doi.org/10.1007/978-3-319-20125-2_13
| Publication Date | Jan 1, 2015 |
|---|---|
| Deposit Date | Aug 18, 2015 |
| Pages | 145-162 |
| Book Title | Computational Forensics |
| ISBN | 9783319201245 |
| DOI | https://doi.org/10.1007/978-3-319-20125-2_13 |
| Publisher URL | http://dx.doi.org/10.1007/978-3-319-20125-2_13 |
| Related Public URLs | http://dx.doi.org/10.1007/978-3-319-20125-2 |
Downloadable Citations
About USIR
Administrator e-mail: library-research@salford.ac.uk
This application uses the following open-source libraries:
SheetJS Community Edition
Apache License Version 2.0 (http://www.apache.org/licenses/)
PDF.js
Apache License Version 2.0 (http://www.apache.org/licenses/)
Font Awesome
SIL OFL 1.1 (http://scripts.sil.org/OFL)
MIT License (http://opensource.org/licenses/mit-license.html)
CC BY 3.0 ( http://creativecommons.org/licenses/by/3.0/)
Powered by Worktribe © 2025
Advanced Search