A survey on forensic investigation of operating system logs

Cited by: 26
Authors
Studiawan, Hudan [1 ]
Sohel, Ferdous [1 ]
Payne, Christian [1 ]
Affiliations
[1] Murdoch Univ, Discipline Informat Technol Math & Stat, Perth, WA, Australia
Keywords
Operating system logs; Event logs; Log forensics; Log tamper detection; Event correlation; Event reconstruction; Event anomaly; DIGITAL FORENSICS; RETRIEVING KNOWLEDGE; NETWORK FORENSICS; COMPUTER; FILES; RECONSTRUCTION; INCONSISTENCY; PROVENANCE; INTERNET; MODEL;
DOI
10.1016/j.diin.2019.02.005
CLC classification
TP [Automation technology, computer technology]
Subject classification
0812
Abstract
Event logs are one of the most important sources of digital evidence for forensic investigation because they record essential activities on the system. In this paper, we present a comprehensive literature survey of the forensic analysis of operating system logs. We present a taxonomy of the various techniques used in this area. Additionally, we discuss the tools that support the examination of event logs. This survey also reviews the publicly available datasets that are used in operating system log forensics research. Finally, we suggest potential future directions on the topic of operating system log forensics. (C) 2019 Elsevier Ltd. All rights reserved.
Pages: 1 / 20
Page count: 20
Related papers
50 entries in total
  • [1] A Forensic Investigation of the Robot Operating System
    Abeykoon, Iroshan
    Feng, Xiaohua
    2017 IEEE INTERNATIONAL CONFERENCE ON INTERNET OF THINGS (ITHINGS) AND IEEE GREEN COMPUTING AND COMMUNICATIONS (GREENCOM) AND IEEE CYBER, PHYSICAL AND SOCIAL COMPUTING (CPSCOM) AND IEEE SMART DATA (SMARTDATA), 2017, : 851 - 857
  • [2] A Forensic Investigation of Robot Operating System
    Abeykoon, Iroshan
    Feng, Xiaohua
    Qiu, Renxi
    2017 IEEE 15TH INTL CONF ON DEPENDABLE, AUTONOMIC AND SECURE COMPUTING, 15TH INTL CONF ON PERVASIVE INTELLIGENCE AND COMPUTING, 3RD INTL CONF ON BIG DATA INTELLIGENCE AND COMPUTING AND CYBER SCIENCE AND TECHNOLOGY CONGRESS(DASC/PICOM/DATACOM/CYBERSCI, 2017, : 368 - 372
  • [3] A survey of PDA forensic investigation
    Me, GL
    Spagnoletti, P
    ICWN'03: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON WIRELESS NETWORKS, 2003, : 583 - 587
  • [4] A Survey of Deep Anomaly Detection for System Logs
    Zhao, Xiaoqing
    Jiang, Zhongyuan
    Ma, Jianfeng
    2022 INTERNATIONAL JOINT CONFERENCE ON NEURAL NETWORKS (IJCNN), 2022,
  • [5] Survey on the investigation of forensic crime scene evidence
    Johnson, Jyothi
    Chitra, R.
    INTERNATIONAL JOURNAL OF MODELING SIMULATION AND SCIENTIFIC COMPUTING, 2022, 13 (06)
  • [6] Validation of physician survey estimates of surgical time using operating room logs
    McCall, Nancy
    Cromwell, Jerry
    Braun, Peter
    MEDICAL CARE RESEARCH AND REVIEW, 2006, 63 (06) : 764 - 777
  • [7] A Formal Approach for the Forensic Analysis of Logs
    Arasteh, Ali Reza
    Debbabi, Mourad
    Sakha, Assaad
    NEW TRENDS IN SOFTWARE METHODOLOGIES, TOOLS AND TECHNIQUES, 2006, 147 : 159 - 176
  • [8] FORENSIC ANALYSIS OF THE IOT OPERATING SYSTEM UBUNTU CORE
    Castelo Gomez, Juan Manuel
    Roldan-Gomez, Jose
    Ruiz-Villafranca, Sergio
    del Amo Minguez, Alvaro
    COMPUTING AND INFORMATICS, 2024, 43 (03) : 529 - 560
  • [9] Northwest logs operating profit
Author not listed
    AVIATION WEEK & SPACE TECHNOLOGY, 2002, 157 (17): : 54 - 54
  • [10] On the Forensic Validity of Approximated Audit Logs
    Michael, Noor
    Mink, Jaron
    Liu, Jason
    Gaur, Sneha
    Ul Hassan, Wajih
    Bates, Adam
    36TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE (ACSAC 2020), 2020, : 189 - 202