Detailed Information
Cited 0 time in 
Cited 0 time in 
Cited 0 time in
Metadata Downloads
DiagAnalyzer: User behavior analysis and visualization using Windows Diagnostics logs
Full metadata record
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Park, Sungha | - |
| dc.contributor.author | Lee, Sangjin | - |
| dc.date.accessioned | 2022-12-09T13:42:22Z | - |
| dc.date.available | 2022-12-09T13:42:22Z | - |
| dc.date.created | 2022-12-08 | - |
| dc.date.issued | 2022-09 | - |
| dc.identifier.issn | 2666-2817 | - |
| dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/146603 | - |
| dc.description.abstract | Windows Diagnostics, which is used by default in Windows 10 and Windows 11, records basic device information as well as various detailed user activities of those who use Windows. Previously, there have been several preceding studies that attempted to apply diagnostics information to digital forensics analysis, but there have been no practical methods or publicly available tools to analyze data in relation to user behavior. Therefore, this paper analyzed how three representative activities (attaching and detaching USB storage devices, web browser activities, and wireless network activities) are recorded in Window Diagnostics. Furthermore, based on the analysis results, we developed DiagAnalyzer, which automatically analyzes the diagnostics event log and visualizes the user's behavior. Through the meth-odology and tool of this paper, the application of Windows Diagnostics deserves further attention as an important artifact in digital forensics investigation for Windows in the future. (c) 2022 The Author(s). Published by Elsevier Ltd on behalf of DFRWS This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/). | - |
| dc.language | English | - |
| dc.language.iso | en | - |
| dc.publisher | ELSEVIER SCI LTD | - |
| dc.title | DiagAnalyzer: User behavior analysis and visualization using Windows Diagnostics logs | - |
| dc.type | Article | - |
| dc.contributor.affiliatedAuthor | Lee, Sangjin | - |
| dc.identifier.doi | 10.1016/j.fsidi.2022.301450 | - |
| dc.identifier.wosid | 000875559100007 | - |
| dc.identifier.bibliographicCitation | FORENSIC SCIENCE INTERNATIONAL-DIGITAL INVESTIGATION, v.43 | - |
| dc.relation.isPartOf | FORENSIC SCIENCE INTERNATIONAL-DIGITAL INVESTIGATION | - |
| dc.citation.title | FORENSIC SCIENCE INTERNATIONAL-DIGITAL INVESTIGATION | - |
| dc.citation.volume | 43 | - |
| dc.type.rims | ART | - |
| dc.type.docType | Article | - |
| dc.description.journalClass | 1 | - |
| dc.description.isOpenAccess | Y | - |
| dc.description.journalRegisteredClass | scie | - |
| dc.description.journalRegisteredClass | scopus | - |
| dc.relation.journalResearchArea | Computer Science | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
| dc.relation.journalWebOfScienceCategory | Computer Science, Interdisciplinary Applications | - |
| dc.subject.keywordAuthor | Windows Diagnostics | - |
| dc.subject.keywordAuthor | Eventtranscript | - |
| dc.subject.keywordAuthor | db | - |
| dc.subject.keywordAuthor | Windows forensics | - |
| dc.subject.keywordAuthor | Windows 10 | - |
| dc.subject.keywordAuthor | Windows 11 | - |
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - School of Cyber Security > Department of Information Security > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.