A Practical Approach for Evidence Gathering in Windows Environment

With theincrease in internet technology cyber-attacks have also increased, most of the sufferers from these cyber-attacks are novice windows end users. Windows is more popular due to the ease in use, and effective GUI; due to the unavailability of windows component source code the crime investigations in windows environment is a tedious and hectic job for law enforcement agencies. The unsystematic organization of the available sources of evidence in a windows environment makes the integration of these evidences a difficult task. In this paper a prototype model is developed and implemented to extract the various sources of evidence in windows environment. Investigation issues in Windows and Linux environment are also presented.