Dataset of Windows operating system forensics artefacts

Authors :
Eva Marková
Pavol Sokol
Sophia Petra Krišáková
Kristína Kováčová
Source :
Data in Brief, Vol 55, Iss , Pp 110693- (2024)
Publication Year :
2024
Publisher :
Elsevier, 2024.

Abstract

The dataset consists of records from the NTFS file system and event logs. In this study, we used images of devices from capture-the-flag competitions focused on digital forensics of Windows operating systems and user activities. We created timelines of the security incident from the disk images using the Plaso tool; we then processed the timelines and transformed their attributes into binary values to simplify the application of data analysis and machine learning methods. The data are divided into 12 different files, saved in CSV format.

Details

Language :
English
ISSN :
23523409
Volume :
55
Issue :
110693-
Database :
Directory of Open Access Journals
Journal :
Data in Brief
Publication Type :
Academic Journal
Accession number :
edsdoj.0eaceb1729e84fa781ce1d271b5035e8
Document Type :
article
Full Text :
https://doi.org/10.1016/j.dib.2024.110693