Olajide, F ORCID: https://orcid.org/0000-0003-1627-6637, Savage, N, Akmayeva, G and Shoniregun, C, 2012. Identifying and finding forensic evidence from Windows application. Journal of Internet Technology and Secured Transactions, 1 (4), pp. 117-122. ISSN 2046-3723
Preview |
Text
1597830_Olajide.pdf - Published version Download (1MB) | Preview |
Abstract
This paper presents the method of identifying and finding forensic evidence from the volatile memory of Windows computer systems. This is a scenario-based investigation on what amount of user input can be recovered when application is opened and images are captured at set interval while Windows system is still actively running. This approach of digital investigation revealed the extracted evidence of user input stored and as dispersed on the application memory of Windows system. In this experiment, the result shows a coherent view of user input on some commonly used applications with over 39% of user input stored on MS Access and 44% was stored on Excel. The quantitative assessment of user input will be presented on the basis of the repeated number of user input recovered, the percentage of user input found and the length of evidence found in a continuous block of the application memory.
Item Type: | Journal article |
---|---|
Publication Title: | Journal of Internet Technology and Secured Transactions |
Creators: | Olajide, F., Savage, N., Akmayeva, G. and Shoniregun, C. |
Publisher: | Infonomics Society |
Date: | 5 December 2012 |
Volume: | 1 |
Number: | 4 |
ISSN: | 2046-3723 |
Identifiers: | Number Type 10.20533/jitst.2046.3723.2012.0016 DOI 1597830 Other |
Divisions: | Schools > School of Science and Technology |
Record created by: | Laura Ward |
Date Added: | 22 Sep 2022 13:10 |
Last Modified: | 22 Sep 2022 13:10 |
Related URLs: | |
URI: | https://irep.ntu.ac.uk/id/eprint/47082 |
Actions (login required)
Edit View |
Statistics
Views
Views per month over past year
Downloads
Downloads per month over past year