タイムライン関連 参考URL(順番に特に意味なし)
□Log2timeline - Forensics Wiki
http://www.forensicswiki.org/wiki/Log2timeline
□log2timeline
http://log2timeline.net/
□Plaso - home of the super timeline
http://plaso.kiddaland.net/
https://code.google.com/p/plaso/
http://www.forensicswiki.org/wiki/Plaso
□4n6time
https://sites.google.com/a/kiddaland.net/plaso/usage/4n6time
□Fight crime.Unravel incidents... one byte at a time.
http://computer-forensics.sans.org/community/papers/gcfa/mastering-super-timeline-log2timeline_5028
□Digital Forensics SIFT'ing: Cheating Timelines with log2timeline
http://computer-forensics.sans.org/blog/2011/12/16/digital-forensics-sifting-cheating-timelines-with-log2timeline
□Digital Forensic SIFTing: Colorized Super Timeline Template for Log2timeline Output Files
http://computer-forensics.sans.org/blog/2012/01/25/digital-forensic-sifting-colorized-super-timeline-template-for-log2timeline-output-files
□Timelines continued: Log2Timeline for Beginners
http://sploited.blogspot.jp/2012/05/timelines-continued-log2timeline-for.html
□Log2Timeline and Super Timelilnes
http://thedigitalstandard.blogspot.jp/2011/07/log2timeline-and-super-timelilnes.html
□Computer forensic timeline visualization tool
http://www.dfrws.org/2009/proceedings/p78-olsson.pdf
□Web History Visualisation for Forensic Investigations
http://articles.forensicfocus.com/2011/07/26/web-history-visualisation-for-forensic-investigations/
□Web History Visualisation for Forensic Investigations
http://www.lowmanio.co.uk/share/WebHistoryVisualisationForForensicInvestigations_SLIDES.pdf
□log2timelineによるタイムライン解析
http://d.hatena.ne.jp/ukky3/20090814/1250215597
□Forensic timeline Splunking
http://kleinco.com.au/thoughts-events/item/forensic-timeline-splunking
□Timeline Creation & Analysis using
http://www.basistech.com/pdf/events/open-source-forensics-conference/osdf-2011-hallman-log2timeline.pdf
□An automated timeline reconstruction approach for digital forensic
investigations
http://www.dfrws.org/2012/proceedings/DFRWS2012-8.pdf
□Using Log2Timeline
http://forensicaliente.blogspot.jp/2010/07/creating-timeline-wmmls-fls.html
□SuperTimeline+Splunk - f-insight
http://forensicinsight.org/wp-content/uploads/2012/05/INSIGHT_SuperTimeline+Splunk.pdf
□A Closer Look at Log2Timeline
http://computerforensics.champlain.edu/blog/closer-look-log2timeline
□MWS Cup 2012 課題1 「インシデントレスポンス」の解き方のヒント
http://www.iwsec.org/mws/2012/MWS_Cup_2012_C1_instruction.pdf
□コンピュータフォレンジクス技術解説
Timeline Creation and Analysis
- ミクロビューによるタイムスタンプの特性検証 -
http://www.ji2.co.jp/forensics/seminer/20091204/20091204_03.pdf
□log2timeline
http://www.kazamiya.net/log2timeline
□Log2Timeline-DataGather(EnScript)
http://www.kazamiya.net/log2timeline-datagather
□log2timeline-sift の使い方
http://sec-v6.blogspot.jp/2012/12/log2timeline-sift.html
□Recipe: EVTX, LogParser, Perl
http://blog.digital-forensics.it/2012/04/recipe-evtx-logparser-perl.html
□wtmp timeline efforts
http://blog.digital-forensics.it/2012/07/wtmp-timeline-efforts.html
□Super Timeline
http://computerforensics.champlain.edu/sites/default/files/files/SuperTimeline%20Report.pdf
□Plaso Reinventing the super timeline
http://computer-forensics.sans.org/summit-archives/DFIR_Summit/Plaso-Reinventing-the-Super-Timeline-Kristinn-Gudjonsson.pdf
□New weapon, Emailtime!
http://davnads.blogspot.jp/2013/07/new-weapon-emailtime.html
□My Windows 8 DFIR Reading List
http://davnads.blogspot.jp/2013/01/my-windows-8-dfir-reading-list.html
□4n6time Release Notice
http://davnads.blogspot.jp/2012/12/4n6time-release-notice.html
□Generating computer forensic supertimelines under Linux
https://forensicfocus.files.wordpress.com/2012/08/generating-computer-forensic-supertimelines-under-linux-a-comprehensive-guide-for-windows-based-disk-images1.pdf
□Mastering the Super Timeline With log2timeline
http://www.sans.org/reading-room/whitepapers/logging/mastering-super-timeline-log2timeline-33438
□Mastering the Super Timeline
http://log2timeline.net/files/Mastering_the_super_timeline_log2timeline_style.pdf
□Investigator's Tool-kit: Timeline
https://isc.sans.edu/diary/Investigator's+Tool-kit%3A+Timeline/13537
□ANALYSIS OF FORENSIC SUPER TIMELINES
http://www.dtic.mil/dtic/tr/fulltext/u2/a562672.pdf
□Leveraging NTFS Timeline Forensics during the Analysis of Malware
http://es.slideshare.net/tmugherini/ntfs-mft-forensics-during-malware-analysis
□Design and Implementation of Zeitline: a Forensic Timeline Editor
https://users.cs.jmu.edu/buchhofp/publications/zeitline_dfrws.pdf
□Anti-Forensics: Techniques, Detection and Countermeasures
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.109.5063&rep=rep1&type=pdf