Digital Forensic Analysis on Prefetch Files
作者: N.K. Shashidnar D. Novak
刊名: International Journal of Information Security Science, 2015, Vol.4 (2)
来源数据库: International Journal of Information Security Science
关键词: Prefetchingdisassemblydigital forensicsreverse engineeringforensic analysis
原始语种摘要: Prefetch files, like any other file in a file system, can be viewed from a digital forensic perspective to further a forensic investigation. Using appropriate tools and techniques available to a digital forensic examiner, we explore and investigate the potential of prefetch files and what they have to offer from a digital forensic analysis perspective in an effort to contribute towards the rapidly advancing field of digital forensics. Windows' prefetch files are used to decrease the startup times of applications and are formatted in a manner to instruct application processes to load data and necessary libraries into memory that it needs before it is actually demanded. In other words, prefetch files help avoid a hard fault, thereby minimizing startup times. These files reside in the...
全文获取路径: PDF下载  IJISS 
分享到:

×
关键词翻译
关键词翻译
  • prefetch 预取
  • files 案卷
  • Windows 微软公司1985年推出的)视窗(环境)系统(DOS之下的应用程序
  • digital 数字的
  • applications 应用程序
  • installation 安装
  • database 资料库
  • folder 文件夹
  • formatted 有格式
  • understand 理解