NDLTD Global ETD Search
  • Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 1
  • Tagged with
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.

Search results

Showing 1 to 1 of 1 (0.157 seconds)

Spelling suggestions: "subject:"digital forensic investigation"" "subject:"figital forensic investigation""

1

Privacy and Security of the Windows Registry

Amoruso, Edward L 01 January 2024 (has links) (PDF)
The Windows registry serves as a valuable resource for both digital forensics experts and security researchers. This information is invaluable for reconstructing a user's activity timeline, aiding forensic investigations, and revealing other sensitive information. Furthermore, this data abundance in the Windows registry can be effortlessly tapped into and compiled to form a comprehensive digital profile of the user. Within this dissertation, we've developed specialized applications to streamline the retrieval and presentation of user activities, culminating in the creation of their digital profile. The first application, named "SeeShells," using the Windows registry shellbags, offers investigators an accessible tool for scrutinizing and generating event timelines based on specific criteria like file access patterns and system navigations. It boasts analytical features that can identify potentially suspicious events through a heat mapping system. In the context of our research, we've also crafted another application designed to collect and deduce a user's extensive activities by solely accessing the Windows registry. This program effectively sidesteps security software by utilizing native Windows application programming interface (API) to interact with the registry, granting unrestricted access to valuable information. This trove of data, often referred to as the user's digital footprint, holds the potential to either investigate or compromise both the user's privacy and security. Finally, we propose a custom-developed application that utilizes both software-based encryption and advanced hooking techniques to protect users' personal data within the registry. Our program is designed to create a more secure and discreet environment for users, effectively fortifying it against privacy and security threats while maintaining accessibility to legitimate users and applications.
Digital forensic investigation
event timelines
Windows registry
user digital footprint
privacy risk
data protection
Computer Engineering
Information Security
OS and Networks

Page generated in 0.1626 seconds