Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
458319 | Digital Investigation | 2006 | 8 Pages |
Abstract
Investigating computer intrusions is becoming infinitely more complicated with the advancement of post-exploitation techniques currently being used by attackers. We must continually update our traditional forensic techniques to include the more rare investigative steps. Analysis of System Restore points is one of these steps. This article will illustrate how a forensic examiner analyzed System Restore points to reveal traces of evidence which ultimately lead to the complete understanding of the computer and subsequent bank account compromises.
Keywords
Related Topics
Physical Sciences and Engineering
Computer Science
Computer Networks and Communications
Authors
Kris Harms,