Live digital forensics: Windows XP vs Windows 7

Author

Gianni, Fenu ; Solinas, Fabrizio

Author_Institution

Dept. of Comput. Sci. Cagliari, Univ. of Cagliari, Cagliari, Italy

fYear

2013

fDate

23-25 Sept. 2013

Firstpage

1

Lastpage

6

Abstract

Over the last few years, analysing a computer or a digital device has become a necessity in the field of criminal investigations. Traditional digital forensics analysis includes static analysis, which concerns data that are permanently stored in devices, and live analysis, which regards data that are temporarily stored in equipments or that transit in networks. This paper proposes a live forensics analysis on two different operating systems: Windows XP and Windows Seven. The case study focuses on some common applications such as Skype, Google Talk and the browser Internet Explorer. The last software involves only those cases in which the browser is surfing on Facebook, Yahoo, Hotmail and Gmail. In addition, although many types of applications are payment software, one of the main objectives of this work has been the only use of the free software in order to prove the possibility to obtain the same results minimizing the costs.

Keywords

digital forensics; operating systems (computers); program diagnostics; Facebook; Gmail; Google Talk; Hotmail; Internet Explorer browser; Skype; Windows 7; Windows Seven; Windows XP; Yahoo; computer analysis; criminal investigations; digital device analysis; free software; live analysis; live digital forensics; operating systems; payment software; static analysis; Browsers; Computers; Digital forensics; Electronic mail; Operating systems; Random access memory; RAM forensics analysis; computer forensic investigation; cybercrime; investigation; live forensics;

fLanguage

English

Publisher

ieee

Conference_Titel

Informatics and Applications (ICIA),2013 Second International Conference on

Conference_Location

Lodz

Print_ISBN

978-1-4673-5255-0

Type

conf

DOI

10.1109/ICoIA.2013.6650220

Filename

6650220