Tag: Timeline Analysis

Signature Based Detection of User Events for Post-Mortem Forensic Analysis

The concept of signatures is used in many fields, normally for the detection of some sort of pattern. For example, antivirus and network intrusion detection systems sometimes implement signature matching to attempt to differentiate legitimate code or network traffic from malicious data. The principle of these systems that that within a given set of data, malicious data…

27 February, 2013
Automata Intersection to Test Possibility of Statements in Investigations

When conducting an investigation, many statements are given by witnesses and suspects. A “witness” could be considered as anything that provides information about the occurrence of an event. While a witness may traditionally be a human, a digital device – such as a computer or cell phone – could also help to provide information about…

13 September, 2012

Signature Based Detection of User Events for Post-Mortem Forensic Analysis