1 |
Wikipedia.org, "NTFS - Features - Scalability," http://en.wikipedia.org/wiki/NTFS#Features
|
2 |
Microsoft TechNet, "How NTFS Works," https://technet.microsoft.com/en-us/library/cc781134(v=ws.10).aspx.
|
3 |
B. Carrier, File System Forensic Analysis, Addison-Wesley, 2005, pp. 273-396.
|
4 |
William Ballenthin, "NTFS INDX Attribute Parsing," http://www.williballenthin.com/forensics/indx/index.html.
|
5 |
Chad Tilbury, "NTFS $I30 Index Attributes: Evidence of Deleted and Overwritten Files," SANS Digital Forensics and Incident Response Blog, http://digital-forensics.sans.org.
|
6 |
William Ballenthin and Jeff Hamm, "Incident Response with NTFS INDX Buffers - Parts 1, 2, 3 and 4," https://www.mandiant.com/blog/author/willi-ballenthin/
|
7 |
Ewa Huebner, Derek Bem and Cheong Kai Wee, "Data hiding in the NTFS file system," Digital Investigation, Vol. 3, Issue 4, 2006, pp. 211-226.
DOI
|
8 |
조규상, "타임스탬프 변화패턴을 근거로 한 평가함수에 의한 디지털 포렌식 방법," 디지털산업정보학회 논문지, 10권, 2호, 2014, pp.91-105.
|
9 |
조규상, "Windows 파일시스템의 디렉토리에 대한 디지털 포렌식 분석," 디지털산업정보학회 논문지, 제11권, 제2호, 2015, pp. 73-90.
|
10 |
Gyu-Sang Cho, "NTFS Directory Index Analysis for Computer Forensics," IMIS 2015(the 9-th Int. Conf. on Innovative Mobile and Internet Services in Ubiquitous Computing), July 8th-10th, Blumenau Brazil, 2015.
|
11 |
조규상, "새로운 NTFS 디렉토리 인덱스 안티포렌식 기법," 한국정보전자통신기술학회논문지, 8권, 4호, 2015, pp. 327-337.
DOI
|
12 |
Microsoft MSDN, "Naming Files, Paths, and Namespaces", https://msdn.microsoft.com/en-us/library/aa365247
|