Thursday, August 30, 2007

Interesting Forensics and Logging Presentations from DFRWS

Some fun reading material here: DFRWS 2007 presos and papers. A few fun pieces on logs too, specifically:
  • Introducing the Microsoft Vista Log File Format. Andreas Schuster. (paper)
  • Automated Windows Event Log Forensics. Rich Murphey. (paper)
  • Analyzing Multiple Logs for Forensic Evidence. Ali Reza Arasteh, Mourad Debbabi, Assaad Sakha, and Mohamed Saleh. (paper)
Read on!

Dr Anton Chuvakin