This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License
|
||||||||
|
Paper Details
Paper Title
Detecting timestamp forgery in NTFS file system using logfile
Authors
  Pratik Patel,  Shailendra Mishra
Abstract
In the current era of digital world, user and investigator are more dependent on digital data. Digital data are very vast in size and also stored in various formats. So, the major problem is identification of upcoming data as true or false by the user or investigator. To overcome this problem different methods and techniques are adapted. Forensic method is used for validation of data. A computer forensic method can be used for detecting the different types of forgeries and computer crime. Forgeries and computer crime are the most major concern of the digital world. Lots of techniques and methods have been used to find a proper solution to overcome these forgery problems. Occurrences of digital crimes or forgeries are investigated using a method or technique called forensics. Initially a general survey was carried out to understand the different methods used in computer forensics to track the evidences which could be useful for detecting the computer crime and forgery. Forensic tools can be used for making any changes to data or tampering of data. Different rule sets or methods are defined to detect the various errors regarding the changes and the tampering of the data in different windows file systems. The data is tampered or modified in either of the two ways i.e., offline or online. In this research, offline data is of upmost concern. Digital evidence which stores information in digital form can be used to detect forgery and computer crime. In this paper, a computer forensic method for detecting timestamp forgery in the Windows NTFS file system is presented. The accuracy of timestamp forgery can be further improved by using attributes of files like size, time. The tool can be used for all types of files.
Keywords- Computer forensics, Digital forensics, Evidence, Forensic tools, NTFS file system, $Log file.
Publication Details
Unique Identification Number - IJEDR1403067Page Number(s) - 3224-3227Pubished in - Volume 2 | Issue 3 | Sept 2014DOI (Digital Object Identifier) -    Publisher - IJEDR (ISSN - 2321-9939)
Cite this Article
  Pratik Patel,  Shailendra Mishra,   "Detecting timestamp forgery in NTFS file system using logfile", International Journal of Engineering Development and Research (IJEDR), ISSN:2321-9939, Volume.2, Issue 3, pp.3224-3227, Sept 2014, Available at :http://www.ijedr.org/papers/IJEDR1403067.pdf
Article Preview
|
|
||||||
|