Research Article
The Forensic Value of the Windows 7 Jump List
540 downloads
@INPROCEEDINGS{10.1007/978-3-642-35515-8_17, author={Alexander Barnett}, title={The Forensic Value of the Windows 7 Jump List}, proceedings={Digital Forensics and Cyber Crime. Third International ICST Conference, ICDF2C 2011, Dublin, Ireland, October 26-28, 2011, Revised Selected Papers}, proceedings_a={ICDF2C}, year={2012}, month={12}, keywords={Jump List Windows 7 Forensics}, doi={10.1007/978-3-642-35515-8_17} }
- Alexander Barnett
Year: 2012
The Forensic Value of the Windows 7 Jump List
ICDF2C
Springer
DOI: 10.1007/978-3-642-35515-8_17
Abstract
The Windows 7 Jump List is an aspect of the Windows 7 operating system that has the potential to contain data and artifacts of great interest to investigators, but has yet to receive any considerable attention or research. As of this writing, only one published work makes mention of their existence, and no tools exist to automate their retrieval and analysis. The goal of this research is to provide an overview of the function and behavior of jump lists, and also to examine the structure of jump lists with the intention of proposing further research for making use of them in a forensic capacity.
Copyright © 2011–2024 ICST