Digital Forensic Identification, Collection, Examination and Decoding of Windows Registry Keys for Discovering User Activities Patterns

Provided by: IJCTT-International Journal of Computer Trends and Technology
Topic: Software
Format: PDF
In this paper, the authors begin the investigation process with the initial forensic analysis in the segments of the storage media which would definitely contain the digital forensic evidences. These storage media locations are referred as the Windows registry. Identifying the forensic evidence from windows registry may take less time than required in the case of all locations of a storage media. The authors' main focus in this research will be to study the registry structure of Windows 7 and identify the useful information within the registry keys of windows 7 that may be extremely useful to carry out any task of digital forensic analysis.

Find By Topic