Digital forensics investigation reduction model (DIFReM) framework for Windows 10 OS
The advent of the digital age, globalization and automation has made life easier for people and businesses. However, the ubiquitous use of digital devices and the Internet also heightens the risk and incidents of cybercrimes. Under these circumstances, Digital Forensics has become a critical counter...
| Main Authors: | , , , |
|---|---|
| Format: | Conference or Workshop Item |
| Language: | English |
| Published: |
IEEE
2019
|
| Online Access: | http://psasir.upm.edu.my/id/eprint/78121/ http://psasir.upm.edu.my/id/eprint/78121/1/Digital%20forensics%20investigation%20reduction%20model%20%28DIFReM%29%20framework%20for%20Windows%2010%20OS.pdf |
| _version_ | 1848858419374587904 |
|---|---|
| author | Shayau, Yazid Haruna Asmawi, Aziah Mohd Rum, Siti Nurulain Mohd Ariffin, Noor Afiza |
| author_facet | Shayau, Yazid Haruna Asmawi, Aziah Mohd Rum, Siti Nurulain Mohd Ariffin, Noor Afiza |
| author_sort | Shayau, Yazid Haruna |
| building | UPM Institutional Repository |
| collection | Online Access |
| description | The advent of the digital age, globalization and automation has made life easier for people and businesses. However, the ubiquitous use of digital devices and the Internet also heightens the risk and incidents of cybercrimes. Under these circumstances, Digital Forensics has become a critical countermeasure. The ISO/IEC 27001 (Information security standards published jointly by the International Organization for Standardization – ISO and the International Electrotechnical Commission-IEC) provides guidance on identifying, gathering/collecting/acquiring, handling and protecting/preserving Digital Forensic evidence for use in court. The most challenging and important part of Digital Forensic Investigation (DFI) is data examination. Knowing the data created by the Operating System (OS) or user beforehand would ease the process. Unfortunately, most of the time, such details are not available to facilitate investigation. The examination phase is the most challenging for an investigator; in Microsoft Windows OS (Operating System). Investigators have to go through terabytes of system data, most of which are OS and application files irrelevant to the investigation from a suspect’s computer. To address the problem highlighted above, this research proposes a data reduction model (DIFReM) and a tool which will not only help the investigator in identifying modified system files but also has the ability to detect files inserted into system directories and also be able to verify integrity using hashing. In the end, this research will provide the investigator with a more effective and efficient digital forensics tools. |
| first_indexed | 2025-11-15T12:13:09Z |
| format | Conference or Workshop Item |
| id | upm-78121 |
| institution | Universiti Putra Malaysia |
| institution_category | Local University |
| language | English |
| last_indexed | 2025-11-15T12:13:09Z |
| publishDate | 2019 |
| publisher | IEEE |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | upm-781212020-06-15T01:47:21Z http://psasir.upm.edu.my/id/eprint/78121/ Digital forensics investigation reduction model (DIFReM) framework for Windows 10 OS Shayau, Yazid Haruna Asmawi, Aziah Mohd Rum, Siti Nurulain Mohd Ariffin, Noor Afiza The advent of the digital age, globalization and automation has made life easier for people and businesses. However, the ubiquitous use of digital devices and the Internet also heightens the risk and incidents of cybercrimes. Under these circumstances, Digital Forensics has become a critical countermeasure. The ISO/IEC 27001 (Information security standards published jointly by the International Organization for Standardization – ISO and the International Electrotechnical Commission-IEC) provides guidance on identifying, gathering/collecting/acquiring, handling and protecting/preserving Digital Forensic evidence for use in court. The most challenging and important part of Digital Forensic Investigation (DFI) is data examination. Knowing the data created by the Operating System (OS) or user beforehand would ease the process. Unfortunately, most of the time, such details are not available to facilitate investigation. The examination phase is the most challenging for an investigator; in Microsoft Windows OS (Operating System). Investigators have to go through terabytes of system data, most of which are OS and application files irrelevant to the investigation from a suspect’s computer. To address the problem highlighted above, this research proposes a data reduction model (DIFReM) and a tool which will not only help the investigator in identifying modified system files but also has the ability to detect files inserted into system directories and also be able to verify integrity using hashing. In the end, this research will provide the investigator with a more effective and efficient digital forensics tools. IEEE 2019 Conference or Workshop Item PeerReviewed text en http://psasir.upm.edu.my/id/eprint/78121/1/Digital%20forensics%20investigation%20reduction%20model%20%28DIFReM%29%20framework%20for%20Windows%2010%20OS.pdf Shayau, Yazid Haruna and Asmawi, Aziah and Mohd Rum, Siti Nurulain and Mohd Ariffin, Noor Afiza (2019) Digital forensics investigation reduction model (DIFReM) framework for Windows 10 OS. In: 2019 IEEE 9th International Conference on System Engineering and Technology (ICSET 2019), 7 Oct. 2019, Shah Alam, Selangor, Malaysia. (pp. 459-464). 10.1109/ICSEngT.2019.8906387 |
| spellingShingle | Shayau, Yazid Haruna Asmawi, Aziah Mohd Rum, Siti Nurulain Mohd Ariffin, Noor Afiza Digital forensics investigation reduction model (DIFReM) framework for Windows 10 OS |
| title | Digital forensics investigation reduction model (DIFReM) framework for Windows 10 OS |
| title_full | Digital forensics investigation reduction model (DIFReM) framework for Windows 10 OS |
| title_fullStr | Digital forensics investigation reduction model (DIFReM) framework for Windows 10 OS |
| title_full_unstemmed | Digital forensics investigation reduction model (DIFReM) framework for Windows 10 OS |
| title_short | Digital forensics investigation reduction model (DIFReM) framework for Windows 10 OS |
| title_sort | digital forensics investigation reduction model (difrem) framework for windows 10 os |
| url | http://psasir.upm.edu.my/id/eprint/78121/ http://psasir.upm.edu.my/id/eprint/78121/ http://psasir.upm.edu.my/id/eprint/78121/1/Digital%20forensics%20investigation%20reduction%20model%20%28DIFReM%29%20framework%20for%20Windows%2010%20OS.pdf |