Forensic Analysis of Windows Registry Against Intrusion

  • Xie H

Abstract

Windows Registry forensics is an important branch of computer and network forensics. The Windows Registry is often considered the heart of Windows operating systems because it contains all of the configuration settings of specific users, groups, hardware, software, and networks. Therefore, the Windows Registry can be viewed as a gold mine of forensic evidence which could be used in courts. This paper introduces the basics of the Windows Registry and describes its structure and its keys and subkeys that have forensic value. This paper also discusses how the Windows Registry forensic keys can be applied in intrusion detection.

Cite

Xie, H. (2012). Forensic Analysis of Windows Registry Against Intrusion. International Journal of Network Security & Its Applications, 4(2), 121–134. https://doi.org/10.5121/ijnsa.2012.4209
