A survey on forensic investigation of operating system logs
Digital Investigation (IF 2.860), Pub Date: 2019-03-04, DOI: 10.1016/j.diin.2019.02.005
Hudan Studiawan, Ferdous Sohel, Christian Payne

Event logs are one of the most important sources of digital evidence for forensic investigation because they record essential activities on the system. In this paper, we present a comprehensive literature survey of the forensic analysis on operating system logs. We present a taxonomy of various techniques used in this area. Additionally, we discuss the tools that support the examination of the event logs. This survey also gives a review of the publicly available datasets that are used in operating system log forensics research. Finally, we suggest potential future directions on the topic of operating system log forensics.

Updated: 2019-03-04