참고문헌
- Windows Memory Analysis, "http://www.forensicswiki.org/wiki/Windows_Memory_Analysis"
- Wikipedia, "COFFE(Computer Online Forensic Evidence Extractor)", http://en.wikipedia.org/wiki/Computer_Online_Forensic_Evidence_Extractor
- PassMark Software, "OSF(OSForen- sics)", http://www.osforensics.com/do wnload.html
- ArxSys, "DFF", http://www.digital-for-ensic.org/en/
- DeftLinux, "DART2", http://www.deft-linux.net/
- Wikipedia, "File System", https://en.wikipedia.org/wiki/File_system
- M Kohn, MS Olivier, JHP Eloff, "Fram ework for a Digital Forensic Investigat ion", JHP Eloff - ISSA, 2006
- M Reith, C Carr, G Gunsch, "An exam ination of digital forensic models", Inte rnational Journal of Digital Evid ence, 2002
- SANS, "Windows Artifact Analysis: Evidence of...", https://uk.sans.org/posters/windows_artifact_analysis.pdf010 Editor, Binary Template, http://www.sweetscape.com/010editor/templates.html
- wikipedia, List of file formats, https://en.wikipedia.org/wiki/List_of_file_formats
- Log2Timeline, Log2Timeline, https://github.com/log2timeline/plaso
- Data Structure, https://en.wikipedia.org/wiki/Data_structure
- Willi Ballenthin , python-evtx module, http://www.williballenthin.com/evtx/index.html
- Willi Ballenthin, python-registry mod ule,http://www.williballenthin.com /registry/index.html
- SQLite, The SQLite Database File For mat, https://www.sqlite.org/fileformat2.html
- Portable Python, "Portable Python", http://portablepython.com/
- SangJun Jeon, "Portable Forensic Platf orm", https://thesoft.org