Structure and application of IconCache.db files for digital forensics
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Lee, Chan-Youn | - |
dc.contributor.author | Lee, Sangjin | - |
dc.date.accessioned | 2021-09-05T08:12:49Z | - |
dc.date.available | 2021-09-05T08:12:49Z | - |
dc.date.created | 2021-06-15 | - |
dc.date.issued | 2014-06 | - |
dc.identifier.issn | 1742-2876 | - |
dc.identifier.uri | https://scholar.korea.ac.kr/handle/2021.sw.korea/98299 | - |
dc.description.abstract | Anti-forensics has developed to prevent digital forensic investigations, thus forensic investigations to prevent anti-forensic behaviors have been studied in various area. In the area of user activity analysis, "IconCache.db" files contain icon cache information related to applications, which can yield meaningful information for digital forensic investigations such as the traces of deleted files. A previous study investigated the general artifacts found in the IconCache.db file. In the present study, further features and structures of the IconCache.db file are described. We also propose methods for analyzing anti-forensic behaviors (e.g., time information related to the deletion of files). Finally, we introduce an analytical tool that was developed based on the file structure of IconCache.db. The tool parses out strings from the IconCache.db to assist an analyst. Therefore, an analyst can more easily analyze the IconCache.db file using the tool. (C) 2014 Elsevier Ltd. All rights reserved. | - |
dc.language | English | - |
dc.language.iso | en | - |
dc.publisher | ELSEVIER SCI LTD | - |
dc.subject | WINDOWS-REGISTRY | - |
dc.subject | RESOURCE | - |
dc.title | Structure and application of IconCache.db files for digital forensics | - |
dc.type | Article | - |
dc.contributor.affiliatedAuthor | Lee, Sangjin | - |
dc.identifier.doi | 10.1016/j.diin.2014.05.017 | - |
dc.identifier.scopusid | 2-s2.0-84903272686 | - |
dc.identifier.wosid | 000338975900004 | - |
dc.identifier.bibliographicCitation | DIGITAL INVESTIGATION, v.11, no.2, pp.102 - 110 | - |
dc.relation.isPartOf | DIGITAL INVESTIGATION | - |
dc.citation.title | DIGITAL INVESTIGATION | - |
dc.citation.volume | 11 | - |
dc.citation.number | 2 | - |
dc.citation.startPage | 102 | - |
dc.citation.endPage | 110 | - |
dc.type.rims | ART | - |
dc.type.docType | Article | - |
dc.description.journalClass | 1 | - |
dc.description.journalRegisteredClass | scie | - |
dc.description.journalRegisteredClass | scopus | - |
dc.relation.journalResearchArea | Computer Science | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Information Systems | - |
dc.relation.journalWebOfScienceCategory | Computer Science, Interdisciplinary Applications | - |
dc.subject.keywordPlus | WINDOWS-REGISTRY | - |
dc.subject.keywordPlus | RESOURCE | - |
dc.subject.keywordAuthor | Anti-forensics | - |
dc.subject.keywordAuthor | Digital forensics | - |
dc.subject.keywordAuthor | Icon | - |
dc.subject.keywordAuthor | IconCache.db | - |
dc.subject.keywordAuthor | User behavior | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
145 Anam-ro, Seongbuk-gu, Seoul, 02841, Korea+82-2-3290-2963
COPYRIGHT © 2021 Korea University. All Rights Reserved.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.