Abstract
Combining low cost digital storage with the tendency for the average computer user to keep computer files long after they have become useful has created such large stores of data on computer systems that the cost and time to conduct even a preliminary examination has created new technical and operational challenges for forensics investigations. Popular operating systems for personal computers do not inherently provide services that allow the tracking of the user’s activity that would allow a simple personal audit of their computers to be carried out so the user can see what they were doing, when they did it and how long they spent on each activity. Such audit trails would assist in forensics investigations in building timelines of activity so suspects could be quickly eliminated (or not) from an investigation. This paper gives some insight to the advantages of having a user activity tracking system and explores the difficulties in developing a generic third party solution.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
W3Counter, http://www.w3counter.com/globalstats.php (accessed June 14, 2011)
Olsson, J., Boldt, M.: Computer Forensics Timeline Visualisation Tool, Digital Investigations. Digital Investigations 6, S78–S87 (2009)
Carvey, H.: Windows Forensic Analysis. Syngress. Elsevier Press (2009)
Cloppert, M.: Ex-tip: an extensible timeline analysis framework in perl. SANS Inst. (2008)
Weber, D.: System Combo Timeline (2007), http://www.cutawaysecurity.com/blog/system-combo-timeline (accessed July 27, 2011)
Guðjónsson, K.: Mastering the Super Timeline With log2timeline. SANS Institute (2010)
Microsoft Technical Article technet, http://microsoft.com/en-us/library/cc751049.aspx (accessed June 14, 2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Keane, A., O’Shaughnessy, S. (2012). Tracking User Activity on Personal Computers. In: Gladyshev, P., Rogers, M.K. (eds) Digital Forensics and Cyber Crime. ICDF2C 2011. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 88. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-35515-8_16
Download citation
DOI: https://doi.org/10.1007/978-3-642-35515-8_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-35514-1
Online ISBN: 978-3-642-35515-8
eBook Packages: Computer ScienceComputer Science (R0)