Investigating file use and knowledge with Windows 10 artifacts

Professional paper

Publication type: conference contribution (in proceedings)
Paper type: professional paper
Year: 2019
Parent publication: 42nd International Convention on Information and Communication Technology, Electronics and Microelectronics (MIPRO)
Pages: pp. 1213-1218
DOI: 10.23919/mipro.2019.8756877
EISSN: 2623-8764
Status: published

Abstract

Windows 10 is the most widely used operating system today, and it contains many programs and mechanisms for managing computer hardware and software. From a digital forensics point of view, these produce valuable records of user activities. In the forensic world, such records are known as Windows artifacts, which can be described as system-generated records of user activities that have forensic value. Gaining a deep understanding of how these records are created and what information they contain can help the examiner acquire valuable data that can be used as evidence and to support other evidence. Artifacts can be a great way to focus on relevant data and reduce the need for a full examination of the constantly increasing data storage that examiners encounter. This paper focuses on analyzing different, lesser-known artifacts that aren't supported by mainstream forensic tools because they vary between versions of Windows, resulting in the need for manual analysis. A deep understanding of them is necessary to avoid misinterpreting their content, which can result in wrong conclusions. Additionally, the paper presents the results of testing Windows 10 artifacts and the open-source tools used in the testing process.

Keywords

Windows 10; artifacts; digital forensics