Abstract
Recently, importance of digital forensics has increased and using analysis methods of digital evidence in the analysis of evidence of various types. However, analysis time and effort is steadily increasing because personal disk capacity is too big and it has many number of files. Most digital evidence has time property, such as access time, creation time, and modification time. These time information of digital evidence is one of most important factors in the digital forensic area. But if digital examiner simply analyze based on binary source only, it is possible to have wrong result because time has various types. In this paper, we classify various type of time in the digital evidence and describe advanced analysis method based on timeline chart for digital forensic investigation.
| Translated title of the contribution | Study on advanced analysis method based on timeline chart for Digital Forensic Investigation |
|---|---|
| Original language | Korean |
| Pages (from-to) | 50-55 |
| Number of pages | 6 |
| Journal | 한국항행학회논문지 |
| Volume | 18 |
| Issue number | 1 |
| DOIs | |
| State | Published - 2014 |