Journal article
A survey on forensic investigation of operating system logs
Digital Investigation, Vol.29, pp.1-20
2019
Abstract
Event logs are one of the most important sources of digital evidence for forensic investigation because they record essential activities on the system. In this paper, we present a comprehensive literature survey of the forensic analysis on operating system logs. We present a taxonomy of various techniques used in this area. Additionally, we discuss the tools that support the examination of the event logs. This survey also gives a review of the publicly available datasets that are used in operating system log forensics research. Finally, we suggest potential future directions on the topic of operating system log forensics.
Details
- Title: A survey on forensic investigation of operating system logs
- Authors/Creators:
  - H. Studiawan (Author/Creator) - Murdoch University
  - F. Sohel (Author/Creator) - Murdoch University
  - C. Payne (Author/Creator) - Murdoch University
- Publication Details: Digital Investigation, Vol.29, pp.1-20
- Publisher: Elsevier Ltd
- Identifiers: 991005543330007891
- Copyright: © 2019 Elsevier Ltd.
- Murdoch Affiliation: Information Technology, Mathematics and Statistics
- Language: English
- Resource Type: Journal article
Metrics
- 556 file views/downloads
- 186 record views
InCites Highlights
These are selected metrics from the InCites Benchmarking & Analytics tool related to this output.
- Citation topics:
  - 4 Electrical Engineering, Electronics & Computer Science
  - 4.187 Security Systems
  - 4.187.1404 Malware Detection
- Web of Science research areas:
  - Computer Science, Information Systems
  - Computer Science, Interdisciplinary Applications
- ESI research areas:
  - Computer Science