TY  - BOOK
AU  - Messier,Ric
AU  - Mackay,Kevin
TI  - Operating system forensics
SN  - 9780128019498
U1  - 005.43 23
PY  - 2016///
CY  - Waltham, MA
PB  - Elsevier, Syngress is an imprint of Elsevier
KW  - Computer crimes
KW  - Investigation
KW  - Operating systems (Computers)
KW  - Security measures
KW  - Computer security
KW  - fast
N1  - Forensics and operating systems -- 
Introduction
Forensics
Operating systems
Conclusions
e.tc

File systems -- 
introduction
Disk geometry
master boot record
e.tc

Data and file recovery -- 
introduction
data carving
searching and deleted files
e.tc

Memory forensics -- 
introduction
real memory and addressing 
virtual memory
e.tc

System configuration -- 
introduction
real memory and addressing
virtual memory
e.tc

Web browsing -- 
introduction
a primer on structure query language
web browsing
e.tc

Tracking artifacts -- 
introduction
location information
document tracking
shortcuts
e.tc

Log files -- 
introduction
windows event logs
unit syslog
application logs
e.tc

Executable programs -- 
introduction
stacks and heaps
portable executables
e.tc

Malware -- 
introduction
malware categories
using research
getting infected
e.tc

Mobile operating systems -- 
introduction
malware categories
using research
getting infected
e.tc

Newer technologies -- 
introduction
virtualization
cloud computing
wearables
drones
e.tc

Reporting.
introduction
writing style
artifacts
reporting requirements
e.tc
; Includes bibliographical references and index
N2  - "Covers digital forensic investigations of the three major operating systems, including Windows, Linux, and Mac OS. Presents the technical details of each operating system, allowing users to find artifacts that might be missed using automated tools. Hands-on exercises drive home key concepts covered in the book. Includes discussions of cloud, Internet, and major mobile operating systems such as Android and iOS."--Publisher web site
ER  -