An Ontology for Digital Forensics in IT Security Incidents - OPUS

More documents

Recommendations

Info

76 APPENDIX B. FORENSIC TOOLS OUTPUT LISTINGS $EA (224) Size : 0 -65536 Flags : $LOGGED_UTILITY_STREAM (256) Size : 0 -65536 Flags : Non - resident Listing B.1: Output of fsstat from the sleuth kit Virtual Physical Name ---------- ---------- ---- 0 xe18e7a38 0 x09433a38 \??\ C :\ Do .. en \ Benutzer1 \ Lok .. en \ Anw .. en \ Mi ..\ Wi ..\ UsrClass . dat 0 xe18e08d8 0 x091a38d8 \ Dev .. e1 \ Doku .. ellungen \ Benutzer1 \ NTUSER . DAT 0 xe156ab60 0 x068ceb60 \ Dev .. e1 \ Doku .. ngen \ Lo ..\ Lok .. en \ Anw .. en \ Mi ..\ Wi ..\ UsrClass . dat 0 xe1561ac8 0 x068b8ac8 \ Dev .. e1 \ Do .. en \ Lo ..\ NTUSER . DAT 0 xe153d9f0 0 x062a89f0 \ Dev .. e1 \ Do .. en \ Net ..\ Lok .. en \ Anw .. en \ Mi ..\ Wi ..\ UsrClass . dat 0 xe1534b60 0 x06213b60 \ Dev .. e1 \ Doku .. ellungen \ NetworkService \ NTUSER . DAT 0 xe1371218 0 x037da218 \ Device \ HarddiskVolume1 \ WINDOWS \ system32 \ config \ software 0 xe1378008 0 x04149008 \ Device \ HarddiskVolume1 \ WINDOWS \ system32 \ config \ SECURITY 0 xe1378758 0 x04149758 \ Device \ HarddiskVolume1 \ WINDOWS \ system32 \ config \ default 0 xe134ab30 0 x03003b30 \ Device \ HarddiskVolume1 \ WINDOWS \ system32 \ config \ SAM 0 xe1254130 0 x02269130 [ no name ] 0 xe1018258 0 x0202b258 \ Device \ HarddiskVolume1 \ WINDOWS \ system32 \ config \ system 0 xe1007260 0 x01feb260 [ no name ] 0 x8068f9bc 0 x0068f9bc [ no name ] Listing B.2: Output of the hivelist module of volatility(shortened)
Appendix C Screenshots Figure C.1: Neo4J web interface: Interactive graph explorer 77
Page 1:
Diplomarbeit An Ontology for Digita
Page 4 and 5:
Acknowledgement I would like to tha
Page 6 and 7:
4 CONTENTS 5.1.4 Storage . . . . .
Page 8 and 9:
6 CONTENTS
Page 10 and 11:
8 CHAPTER 1. INTRODUCTION data lead
Page 12 and 13:
10 CHAPTER 2. RELATED WORK investig
Page 14 and 15:
12 CHAPTER 3. GOAL FORENSIC SEMANTI
Page 16 and 17:
14 CHAPTER 3. GOAL FORENSIC SEMANTI
Page 18 and 19:
16 CHAPTER 4. FORENSICS Basic rules
Page 20 and 21:
18 CHAPTER 4. FORENSICS 4.1.2.2 Ran
Page 22 and 23:
20 CHAPTER 4. FORENSICS entry conta
Page 24 and 25:
22 CHAPTER 4. FORENSICS 4.2.3.1 Reg
Page 26 and 27:
24 CHAPTER 4. FORENSICS vulnerable
Page 28 and 29: 26 CHAPTER 4. FORENSICS The fls -m
Page 30 and 31: 28 CHAPTER 4. FORENSICS of the sock
Page 32 and 33: 30 CHAPTER 4. FORENSICS
Page 34 and 35: 32 CHAPTER 5. ONTOLOGY Person name
Page 36 and 37: 34 CHAPTER 5. ONTOLOGY 5.1.1 Creati
Page 38 and 39: 36 CHAPTER 5. ONTOLOGY Resource Des
Page 40 and 41: 38 CHAPTER 5. ONTOLOGY to be Augsbu
Page 42 and 43: 40 CHAPTER 5. ONTOLOGY Gephi and Cy
Page 44 and 45: 42 CHAPTER 5. ONTOLOGY
Page 46 and 47: 44 CHAPTER 6. FORENSIC ONTOLOGY for
Page 48 and 49: 46 CHAPTER 6. FORENSIC ONTOLOGY pro
Page 50 and 51: 48 CHAPTER 6. FORENSIC ONTOLOGY reg
Page 52 and 53: 50 CHAPTER 6. FORENSIC ONTOLOGY 6.9
Page 54 and 55: 52 CHAPTER 6. FORENSIC ONTOLOGY Par
Page 56 and 57: 54 CHAPTER 6. FORENSIC ONTOLOGY
Page 58 and 59: 56 CHAPTER 7. IMPLEMENTATION 7.3 RD
Page 60 and 61: 58 CHAPTER 7. IMPLEMENTATION the co
Page 62 and 63: 60 CHAPTER 7. IMPLEMENTATION 1 SELE
Page 64 and 65: 62 CHAPTER 7. IMPLEMENTATION Anothe
Page 66 and 67: 64 CHAPTER 7. IMPLEMENTATION 7.8 St
Page 68 and 69: 66 CHAPTER 8. EVALUATION 6. The las
Page 70 and 71: 68 CHAPTER 8. EVALUATION key (CTEMO
Page 72 and 73: 70 CHAPTER 9. SUMMARY after some is
Page 74 and 75: 72 APPENDIX A. EXTRACTION TOOL LIST
Page 76 and 77: 74 APPENDIX A. EXTRACTION TOOL LIST
Page 80 and 81: 78 APPENDIX C. SCREENSHOTS Figure C
Page 86 and 87: 84 APPENDIX C. SCREENSHOTS
Page 88 and 89: 86 BIBLIOGRAPHY [Carrier, 2012c] Ca
Page 90 and 91: 88 BIBLIOGRAPHY [Microsoft, 2010] M
Page 92: 90 BIBLIOGRAPHY [W3C, 2004] W3C (20
show all

An Ontology for Digital Forensics in IT Security Incidents - OPUS

Create successful ePaper yourself

Delete template?

Save as template?