Study on electronic evidence acquisition and analysis method over Windows logs

Study on electronic evidence acquisition and analysis method over Windows logs

In order to collect logs in real time,two methods to acquire Windows logs in real time were proposed respectively according to the two types of log file formats.Based on acquiring logs,an approach for correlating log files with atomic attack functions was proposed.After the correlation,atomic attack...

Full description

Saved in:
Bibliographic Details
Main Authors: Xiao-mei DONG, Xu-dong LIU, Xiao-hua LI, Ya-jie FEI
Format: Article
Language:zho
Published: Editorial Department of Journal on Communications 2012-11-01
Series:Tongxin xuebao
Subjects:
computer forensics
Windows logs
acquisition
analysis
event reconstruction
Online Access:http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2012.z2.016/
Tags: Add Tag
No Tags, Be the first to tag this record!

Internet

http://www.joconline.com.cn/zh/article/doi/10.3969/j.issn.1000-436x.2012.z2.016/

Similar Items