Dataset of Windows operating system forensics artefacts

Name: Dataset of Windows operating system forensics artefacts
Creator: Eva Marková
Published: 2024-04-05T20:28:40.978Z
Keywords: Cybersecurity, Computer Forensics, Disk Forensics, Data Analytics Cybersecurity

Marková, Eva; Sokol, Pavol; Krišáková, Sophia Petra; Kováčová, Kristína

doi:10.17632/8dfh724hvc.1

Dataset of Windows operating system forensics artefacts

Published: 5 April 2024| Version 1 | DOI: 10.17632/8dfh724hvc.1

Contributors:

, Pavol Sokol,

,

Description

The dataset consists of records from the NTFS file system and event logs. In this study, we used images of devices from capture the flags competitions focused on the digital forensics of Windows operating systems and user activities. We created timelines of the security incident from the disk images using the Plaso tool, which we then processed and transformed the attributes of the timelines into binary values to simplify the application of data analysis and machine learning methods. The data are divided into 13 different files, and they are saved in CSV format.

Files

Institutions

Univerzita Pavla Jozefa Stafarika v Kosiciach

Funding

Slovak Research and Development Agency

APVV-17-0561

Slovak Research and Development Agency

APVV-21-0336

Dataset of Windows operating system forensics artefacts

Description

Files

Institutions

Categories

Funding

Licence