Iconcache Reconstruction: Non-Boot Recovery Strategies in Windows Forensics

Q: How many days will it take for my paper to be published?

The review time for papers is not fixed. However, if the paper is accepted and the author completes the processing charges formalities, the paper will be published within a few working days.

Q: I would like to receive a hard copy of the journal materials. Are there any additional charges?

You can log in to the author portal and pay 500 INR to receive the hard copy materials.

B Gayatthri; Dr. Priya P Sajan

Iconcache Reconstruction: Non-Boot Recovery Strategies in Windows Forensics

Authors: B Gayatthri, Dr. Priya P Sajan

Unique Paper ID: 182093
Volume: 12
Issue: 2
PageNo: 901-905

Keywords: Icon cache Windows forensics Anti-forensics

Abstract:
The iconcache. db is an important Windows operating system forensic investigation entity for artifact recovery, timeline correlation and file presence proof by improving the operating system performance. This research article attempts to explain how to inspect the icon cache, examining the analysis possibilities, and restores vital information like original file path and associated program names. To boot up, this research paper also describes the interpretation and correlation of icon cache analysis results with other system artifacts for examining further forensic artifacts and antiforensics approaches.

Download article

email to a friend

Cite This Article

ISSN: 2349-6002
Volume: 12
Issue: 2
PageNo: 901-905

Iconcache Reconstruction: Non-Boot Recovery Strategies in Windows Forensics

Available:https://ijirt.org/article?manuscript=182093

Impact Factor
8.01 (Year 2024)

UGC Approved
Journal no 47859

Join Our IPN

IJIRT Partner Network

Submit your research paper and those of your network (friends, colleagues, or peers) through your IPN account, and receive 800 INR for each paper that gets published.

Join Now