1 |
F.Cohen, Digital Forensic Evidence Examination, 4th Ed, Fred Cohen & Associates, 2009-2012
|
2 |
C.Altheide, H.Carvey, Digital Forensics with Open Source Tools : Using Open Source Platform Tools for Performing Computer Forensics on TargetSystems: Windows, Mac, Linux, Unix, etc, 1st Edition, Syngress Media Inc, 2011
|
3 |
H.Carvey, Windows Registry forensics: advanced digital forensic analysis of the Windows Registry, Syngress Publishing, 2011
|
4 |
S.Garfinkel, P.Farrel, V.Roussev and G.Dinolt, "Bringing science to digital forensics with standardized forensic corpora," Digital Investigation 6, 2009.
|
5 |
JR Lyle, DR White and RP Ayers, "Digital forensics at the national institute of standards and technology," National Institute of Standards and Technology, 2008
|
6 |
Lei Pan, "Robust performance testing for digital forensic tools," Digital Investigation, vol. 6, pp. 71-81, Sept 2009
DOI
|
7 |
K.Woods, C.Lee, S.Garfinkel, D.Dittrich, A.Russell and K.Kearton, "Creating realistic corpora for security and forensic education," Proceedings of the ADFSL Conference on Digital Forensics, Security and Law, 2011.
|
8 |
S.Carfinkel, "Forensic corpora, a challenge for forensic research," unpublished manuscript, 2007.
|
9 |
Peng Li, "Selecting and using virtualization solutions: our experiences with VMware and VirtualBox," Journal of Computing Sciences in Colleges, Vol. 2, pp 11-17, Jan. 2010.
|
10 |
F.Buchholz, E.Spafford, "On the role of file system metadata in digital forensics," Digital Investigation, Vol. 1, pp 298-309, Dec. 2004.
DOI
|
11 |
B.Carrier, EH.Spafford, "An event-based digital forensic investigation framework," Digital forensic research workshop, 2004.
|
12 |
M.Geiger, "Evaluating commercial counter-forensic tools," 2005 Digital Forensic Workshop, 2005.
|
13 |
H.Carvey, "The Windows Registry as a forensic resource," Digital Investigation, Vol. 2, pp. 201-205, Sept. 2005.
DOI
|
14 |
V.Mee, T.Tryfonas and I.Sutherland, "The Windows Registry as a forensic artefact: Illustrating evidence collection for Internet usage," Digital Investigation, Vol. 3, pp. 166-173, Sept. 2006.
DOI
|
15 |
E.Huebner, D.Bem and CK.Wee, "Data hiding in the NTFS file system," Digital Investigation, Vol. 3, pp. 211-226, Dess. 2006.
DOI
|
16 |
H.Chung, J.Park, S.Lee and C.Kang, "Digital forensic investigation of cloud storage services," Digital Investigation, Vol. 9, pp. 81-95, Nov. 2012.
DOI
|
17 |
A.Castiglione, A.De Santis and C.Soriente, "Taking advantages of a disadvantage: Digital forensics and steganography using document metadata," Journal of Systems and Software, Vol. 80, pp. 750-764, May. 2007.
DOI
|
18 |
TD.Morgan, "Recovering deleted data from the Windows registry," Digital Investigation, Vol. 5, pp. S33-S41, Sept. 2008.
DOI
|
19 |
B.Park, J.Park and S.Lee, "Data concealment and detection in Microsoft Office 2007 files," Digital Investigation, Vol. 5, pp. 104-114, Mar. 2009.
DOI
|
20 |
J.Collie, "The windows IconCache.db: A resource for forensic artifacts from USB connectable devices," Digital Investigation, Vol. 9, pp. 200-201, Feb. 2013.
DOI
|
21 |
MG.Meshram, D.Kapgate, "Investigating the Artifacts Using Windows Registry and Log Files," IJCSMC, Vol. 4, pp. 625-631, Jun. 2015.
|
22 |
NK.Shashidhar, D.Novak, "Digital Forensic Analysis on Prefetch Files," International Journal of Information Security Science, Vol. 4, no. 2, 2015.
|
23 |
SK.Khode, VN.Pahune and MR.Sayankar, "Digital Forensic Tool for Decision Making in Computer Security Domain," International Journal for Research in Emerging Science and Technology, Vol. 2, Apr. 2015.
|
24 |
CFTT, http://www.cftt.nist.gov/
|
25 |
Computer Forensic Reference Data Sets, http://www.cfreds.nist.gov/
|
26 |
Digital Forensic Tool Testing Images, http://dftt.sourceforge.net/
|
27 |
NPS Corpus, http://digitalcorpora.org/
|
28 |
Harlan Carvey, RegRipper, v2.8, https://code.google.com/p/regripper/download s/list
|
29 |
Lance Mueller's Homepage, http://www.forensickb.com/
|
30 |
Portable Forensics, Windows Artifact Analysis,http://portable-forensics.blogspot.kr/2014/10/windows-artifact-analysis.html
|
31 |
Didier Stevens, UserAssist, v2.6.0, http://blog.didierstevens.com/programs/userassist/
|
32 |
woanware, RegRipperRunner, v1.0.4, http://www.woanware.co.uk/forensics/regripperrunner.html
|
33 |
woanware, ForensicUserInfo, v1.0.5, http://www.woanware.co.uk/forensics/forensicuserinfo.html
|
34 |
woanware, USBDeviceForensics, v1.0.14, http://www.woanware.co.uk/forensics/usbdeviceforensics.html
|
35 |
MiTeC, Windows Registry Recovery, v1. 5.3, http://www.mitec.cz/Data/XML/data_downloads.xml
|
36 |
NirSoft, BrowsingHistoryView, v1.69, http://www.nirsoft.net/utils/browsing_history_view.html
|
37 |
NirSoft, ChromeCacheView, v1.66, http://www.nirsoft.net/utils/chrome_cache_view.html
|
38 |
NirSoft, ChromeHistoryView, v1.22, http://www.nirsoft.net/utils/chrome_history_view.html
|
39 |
woanware, ChromeForensics, v1.0.5, http://www.woanware.co.uk/forensics/chromeforensics.html
|
40 |
woanware, FireFoxForensics, v1.0.5, http://www.woanware.co.uk/forensics/firefoxforensics.html
|
41 |
woanware, Firefoxsessionstoreextractor, v1.0.2, http://www.woanware.co.uk/forensics/firefoxsessionstoreextractor.html
|
42 |
NirSoft, MozillaCacheView, v1.6, http://www.nirsoft.net/utils/mozilla_cache_viewer.html
|
43 |
NirSoft, IECacheView, v1.53, http://www.nirsoft.net/utils/ie_cache_viewer.html
|
44 |
NirSoft, IECookiesView, v1.77, http://www.nirsoft.net/utils/iecookies.html
|
45 |
NirSoft, IEHistoryView, v1.70, http://www.nirsoft.net/utils/iehv.html
|
46 |
NirSoft, MozilaCookieView, v1.50, http://www.nirsoft.net/utils/mzcv.html
|
47 |
NirSoft, MozilaHistoryView, v1.56, http://www.nirsoft.net/utils/mozilla_history_view.html
|
48 |
"NirSoft, MyLastSearch, v1.63, http://www.nirsoft.net/utils/my_last_search.html
|
49 |
NirSoft, OperaCacheView, v1.06, http://www.nirsoft.net/utils/opera_cache_view.html
|
50 |
NirSoft, SafariCacheView, v1.11, http://www.nirsoft.net/utils/safari_cache_view.html
|
51 |
NirSoft, SafariHistoryView, v1.01, http://www.nirsoft.net/utils/safari_history_view.html
|
52 |
NirSoft, WebBrowserPassView, v1.60, http://www.nirsoft.net/utils/web_browser_password.html
|
53 |
https://drive.google.com/open?id=0ByMck91GiIuqNUVNN2pzcjkyT1E
|
54 |
https://drive.google.com/open?id=0Byhj6HV8ySUyMTV6Q2FETF9kQ2s
|
55 |
https://drive.google.com/open?id=0Byhj6HV8ySUycHRoVHI3SEJLbVk
|
56 |
https://drive.google.com/open?id=0Byhj6HV8ySUyNDdydHlERm01TE0
|
57 |
https://drive.google.com/open?id=0B9Sfk3oZxm9IQUZNZjYycVMxZTg
|
58 |
https://drive.google.com/open?id=0B9Sfk3oZxm9IUTJiMjRPWHltRjA
|
59 |
https://drive.google.com/open?id=0B9Sfk3oZxm9IdW9XZHdINTRtMUE
|
60 |
https://drive.google.com/open?id=0B9Sfk3oZxm9IQjJtaWNIVU9qOEU
|
61 |
https://drive.google.com/open?id=0B9Xaut-MwPuJTGVnSC16MzJvbGc
|
62 |
https://drive.google.com/open?id=0B9Xaut-MwPuJTVhldWhqRDVGM2s
|
63 |
https://drive.google.com/open?id=0B9Xaut-MwPuJN1gxeVMwVXNVV1E
|