Introducing and analysis of the Windows 8 event log for forensic purposes

Abstract

All operating systems employ some sort of logging mechanism to track and record users' activities, and Microsoft Windows is no exception. Log analysis is one of the important parts of the Windows forensics process. The Windows event log system, introduced in Windows NT, was released as a new feature for the Microsoft Windows family and has since gone through several major changes and updates. The event log received a major update in Windows 8. This paper first introduces the Windows 8 event log format and then explains methods for analyzing the logs for digital investigation and incident handling. The main contributions of this paper are an introduction to the Windows 8 logging service and a forensic examination of it.

Cite

Talebi, J., Dehghantanha, A., & Mahmoud, R. (2015). Introducing and analysis of the Windows 8 event log for forensic purposes. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8915, pp. 145–162). Springer Verlag. https://doi.org/10.1007/978-3-319-20125-2_13
