原文传递
AutoProv: An Automated File Provenance Collection Tool.
| 题名: | AutoProv: An Automated File Provenance Collection Tool. |
| 作者: | Good, R. A. |
| 关键词: | Computer program documentation, Computational forensics, Files(records), Software tools, File provenance, Digital forensics |
| 摘要: | A file's provenance is a detailing of its origins and activities. There are tools available that are useful in maintaining the provenance of a file. Unfortunately for digital forensics, these tools require prior installation on the computer of interest while provenance generating events happen. The presented tool addresses this by reconstructing a file's provenance from several temporal artifacts. It identifies relevant temporal and user correlations between these artifacts, and presents them to the user. A variety of predefined use cases and real world data are tested against to demonstrate that this software allows examiners to draw useful conclusions about the provenance of a file. |
| 报告类型: | 科技报告 |
相关文献
检索历史
应用推荐
