Automated Windows-Based Timelining Tool for Memory and Disk Image Analysis: Leveraging Timsort Algorithm with WinPmem, FTK Imager, Volatility 3 and The Sleuth Kit
Journal: International Journal of Computer Science and Mobile Computing - IJCSMC (Vol.13, No. 8)
Publication Date: 2024-08-30
Authors : Aaron Lensmer M. Abdon; Judilee Christian M. Ang; Keinaz N. Domingo; Jerome E. Gutierrez;
Page : 16-22
Keywords : Image Acquisition; Forensic Artifact Parsing; Timeline Generation; Timsort Algorithm;
Abstract
As technology evolves, so does the threat of cyberattacks – making Digital Forensics crucial for damage control and prevention. This paper aims to address the inefficiencies faced by investigators in a forensic setting by automating the processes necessary for disk and memory image acquisition, forensic artifact parsing, and timeline generation. Leveraging publicly available tools such as WinPmem, FTK Imager, Volatility 3 (VOL3), and The Sleuth Kit (TSK), the developed Python script provides clearer insight into the series of events that transpired during a cyber incident by generating detailed and cohesively organized timelines, and then uses the Timsort algorithm for timeline analysis.
Last modified: 2024-08-06 02:52:54