A carregar...
Publicação
Keeping track of UWP application changes for digital forensic purposes
| Nome: | Descrição: | Tamanho: | Formato: | |
|---|---|---|---|---|
| Digital forensics aims to collect and interpret artifacts that can help in the understanding of the action performed by a given individual or organization. The forensic artifacts are highly dependent on the inner working of the operating system (OS) and applications. This is the case for applications of the Universal Windows Platform (UWP), with digital forensic practitioners often depending on the data kept in the private database(s) of the application. However, some of these applications evolve rapidly, with new versions bringing changes that sometimes involve their inner databases and thus might impact digital forensic artifacts. In this paper, we present UWPscanner, an open source system that we have developed. The UWPscanner system allows to track the changes of internal databases used by UWP applications, aiming to ease the task of not only digital practitioners, but also of digital forensic tool developers. The paper is complemented with the case-study of tracking Microsoft Skype (SkypeApp) and Your Phone evolution with UWPscanner. | 295.31 KB | Adobe PDF |
Orientador(es)
Resumo(s)
Digital forensics aims to collect and interpret artifacts that can help in the understanding of the action performed by a given individual or organization. The forensic artifacts are highly dependent on the inner working of the operating system (OS) and applications. This is the case for applications of the Universal Windows Platform (UWP), with digital forensic practitioners often depending on the data kept in the private database(s) of the application. However, some of these applications evolve rapidly, with new versions bringing changes that sometimes involve their inner databases and thus might impact digital forensic artifacts. In this paper, we present UWPscanner, an open source system that we have developed. The UWPscanner system allows to track the changes of internal databases used by UWP applications, aiming to ease the task of not only digital practitioners, but also of digital forensic tool developers. The paper is complemented with the case-study of tracking Microsoft Skype (SkypeApp) and Your Phone evolution with UWPscanner.
Descrição
EISBN - 978-1-6654-1588-0
Date of Conference: 11-12 February 2021
Date of Conference: 11-12 February 2021
Palavras-chave
digital forensics Windows OS sqlite3 Windows Store
Contexto Educativo
Citação
L. M. Andrade, P. Domingues and M. Frade, "Keeping track of UWP application changes for digital forensic purposes," 2021 Telecoms Conference (ConfTELE), Leiria, Portugal, 2021, pp. 1-5, doi: https://doi.org/10.1109/ConfTELE50222.2021.9435530.
Editora
IEEE Canada
Licença CC
Sem licença CC