Timeline2GUI: A Log2Timeline CSV parser and training scenarios
Digital Investigation (IF 2.860), Pub Date: 2018-12-31, DOI: 10.1016/j.diin.2018.12.004
Mark Debinski, Frank Breitinger, Parvathy Mohan

Crimes involving digital evidence are getting more complex due to the increasing storage capacities and utilization of devices. Event reconstruction (i.e., understanding the timeline) is an essential step for investigators to understand a case, where a prominent tool is Log2Timeline (a tool that creates super timelines, which are a combination of several log files and events throughout a system). While these timelines provide great evidence and help to understand a case, they are complex and require tools as well as training scenarios. In this paper we present Timeline2GUI, an easy-to-use Python implementation to analyze CSV log files created by Log2Timeline. Additionally, we present three training scenarios – beginner, intermediate and advanced – to practice timeline analysis skills as well as familiarity with visualization tools. Lastly, we provide a comprehensive overview of tools.




Updated: 2018-12-31