Analysis of Windows 8 Registry Artifacts
Microsoft’s series of Windows operating systems represents some of the most commonly encountered technologies in the field of digital forensics. It is then fair to say that Microsoft’s design decisions greatly affect forensic efforts. Because of this, it is exceptionally important for the forensics...
| Main Author: | |
|---|---|
| Format: | Others |
| Published: |
ScholarWorks@UNO
2013
|
| Subjects: | |
| Online Access: | http://scholarworks.uno.edu/td/1779 http://scholarworks.uno.edu/cgi/viewcontent.cgi?article=2794&context=td |
| Summary: | Microsoft’s series of Windows operating systems represents some of the most commonly encountered technologies in the field of digital forensics. It is then fair to say that Microsoft’s design decisions greatly affect forensic efforts. Because of this, it is exceptionally important for the forensics community to keep abreast of new developments in the Windows product line. With each new release, the Windows operating system may present investigators with significant new artifacts to explore. Described by some as the heart of the Windows operating system, the Windows registry has been proven to contain many of these forensically interesting artifacts. Given the weight of Microsoft’s influence on digital forensics and the role of the registry within Windows operating systems, this thesis delves into the Windows 8 registry in the hopes of developing new Windows forensics utilities. |
|---|