Soliloquy of an Anti-Forensics Evangelist

This blog mainly covers digital forensics techniques, but there is a high probability that its contents include errors.

Timeline-related reference URLs (in no particular order)

□Log2timeline - Forensics Wiki
http://www.forensicswiki.org/wiki/Log2timeline

□log2timeline
http://log2timeline.net/

□Plaso - home of the super timeline
http://plaso.kiddaland.net/
https://code.google.com/p/plaso/
http://www.forensicswiki.org/wiki/Plaso

□4n6time
https://sites.google.com/a/kiddaland.net/plaso/usage/4n6time

□Fight crime.Unravel incidents... one byte at a time.
http://computer-forensics.sans.org/community/papers/gcfa/mastering-super-timeline-log2timeline_5028

□Digital Forensics SIFT'ing: Cheating Timelines with log2timeline
http://computer-forensics.sans.org/blog/2011/12/16/digital-forensics-sifting-cheating-timelines-with-log2timeline

□Digital Forensic SIFTing: Colorized Super Timeline Template for Log2timeline Output Files
http://computer-forensics.sans.org/blog/2012/01/25/digital-forensic-sifting-colorized-super-timeline-template-for-log2timeline-output-files

□Timelines continued: Log2Timeline for Beginners
http://sploited.blogspot.jp/2012/05/timelines-continued-log2timeline-for.html

□Log2Timeline and Super Timelilnes
http://thedigitalstandard.blogspot.jp/2011/07/log2timeline-and-super-timelilnes.html

□Computer forensic timeline visualization tool
http://www.dfrws.org/2009/proceedings/p78-olsson.pdf

□Web History Visualisation for Forensic Investigations
http://articles.forensicfocus.com/2011/07/26/web-history-visualisation-for-forensic-investigations/

□Web History Visualisation for Forensic Investigations
http://www.lowmanio.co.uk/share/WebHistoryVisualisationForForensicInvestigations_SLIDES.pdf

□Timeline analysis with log2timeline
http://d.hatena.ne.jp/ukky3/20090814/1250215597

□Forensic timeline Splunking
http://kleinco.com.au/thoughts-events/item/forensic-timeline-splunking

□Timeline Creation & Analysis using
http://www.basistech.com/pdf/events/open-source-forensics-conference/osdf-2011-hallman-log2timeline.pdf

□An automated timeline reconstruction approach for digital forensic investigations
http://www.dfrws.org/2012/proceedings/DFRWS2012-8.pdf

□Using Log2Timeline
http://forensicaliente.blogspot.jp/2010/07/creating-timeline-wmmls-fls.html

□SuperTimeline+Splunk - f-insight
http://forensicinsight.org/wp-content/uploads/2012/05/INSIGHT_SuperTimeline+Splunk.pdf

□A Closer Look at Log2Timeline
http://computerforensics.champlain.edu/blog/closer-look-log2timeline

□MWS Cup 2012 Challenge 1 "Incident Response": hints for solving it
http://www.iwsec.org/mws/2012/MWS_Cup_2012_C1_instruction.pdf

□Computer Forensics Technical Commentary: Timeline Creation and Analysis - Verifying timestamp characteristics through a micro view -
http://www.ji2.co.jp/forensics/seminer/20091204/20091204_03.pdf

□log2timeline
http://www.kazamiya.net/log2timeline

□Log2Timeline-DataGather(EnScript)
http://www.kazamiya.net/log2timeline-datagather

□How to use log2timeline-sift
http://sec-v6.blogspot.jp/2012/12/log2timeline-sift.html

□Recipe: EVTX, LogParser, Perl
http://blog.digital-forensics.it/2012/04/recipe-evtx-logparser-perl.html

□wtmp timeline efforts
http://blog.digital-forensics.it/2012/07/wtmp-timeline-efforts.html

□Super Timeline
http://computerforensics.champlain.edu/sites/default/files/files/SuperTimeline%20Report.pdf

□Plaso Reinventing the super timeline
http://computer-forensics.sans.org/summit-archives/DFIR_Summit/Plaso-Reinventing-the-Super-Timeline-Kristinn-Gudjonsson.pdf

□New weapon, Emailtime!
http://davnads.blogspot.jp/2013/07/new-weapon-emailtime.html

□My Windows 8 DFIR Reading List
http://davnads.blogspot.jp/2013/01/my-windows-8-dfir-reading-list.html

□4n6time Release Notice
http://davnads.blogspot.jp/2012/12/4n6time-release-notice.html

□Generating computer forensic supertimelines under Linux
https://forensicfocus.files.wordpress.com/2012/08/generating-computer-forensic-supertimelines-under-linux-a-comprehensive-guide-for-windows-based-disk-images1.pdf

□Mastering the Super Timeline With log2timeline
http://www.sans.org/reading-room/whitepapers/logging/mastering-super-timeline-log2timeline-33438

□Mastering the Super Timeline
http://log2timeline.net/files/Mastering_the_super_timeline_log2timeline_style.pdf

□Investigator's Tool-kit: Timeline
https://isc.sans.edu/diary/Investigator's+Tool-kit%3A+Timeline/13537

□ANALYSIS OF FORENSIC SUPER TIMELINES
http://www.dtic.mil/dtic/tr/fulltext/u2/a562672.pdf

□Leveraging NTFS Timeline Forensics during the Analysis of Malware
http://es.slideshare.net/tmugherini/ntfs-mft-forensics-during-malware-analysis

□Design and Implementation of Zeitline: a Forensic Timeline Editor
https://users.cs.jmu.edu/buchhofp/publications/zeitline_dfrws.pdf

□Anti-Forensics: Techniques, Detection and Countermeasures
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.109.5063&rep=rep1&type=pdf