Windows registry contains lots of information that are of potential evidential value or helpful in aiding forensic examiners on other aspects of forensic analysis. This paper discusses the basics of Windows XP registry and its structure, data hiding techniques in registry, and analysis on potential Windows XP registry entries that are of forensic values.
One of the PDA forensic issues is the difficulty in maintaining image integrity as two consecutive acquisitions on most PDA platforms could produce different images. JFFS2 used in certain Linux PDA further complicate the forensic process as compression is implemented in this file system. Currently there is not specific tool that can analyse this file… (More)
Google is a powerful search engine. However, by combining Google features and creativity in construction query, it will return sensitive information that usually would not be found by casual users. Attacker could use Google to look for vulnerable targets and passively gather information about their targets to assist further attacks. This paper discusses… (More)
Smartphone vendors have been increasingly integrating Bluetooth technology into their devices to increase accessible and convenience for users. As the current inclination of integrating PDA and telephony increase, the likelihood of sensitive information being stored on such a device is also increased. Potential Bluetooth vulnerabilities could provide… (More)