ForensicsWiki will continue to operate as it has before and will not be shutting down. Thank you for your continued support of ForensicsWiki.

Difference between revisions of "Timeline Analysis"

From ForensicsWiki
Jump to: navigation, search
(Programs)
(See Also)
(3 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
==Papers==
 
==Papers==
 +
* [http://forensicfocus.files.wordpress.com/2012/08/generating-computer-forensic-supertimelines-under-linux-a-comprehensive-guide-for-windows-based-disk-images1.pdf Generating computer forensic supertimelines under Linux - A comprehensive guide for Windows-based disk images], by R. Carbone, C. Bean, August 2012
 
* J. Olsson, M. Boldt, [http://www.dfrws.org/2009/proceedings/p78-olsson.pdf "Computer forensic timeline visualization tool"], ScienceDirect Digital Investigation, Volume 6, September 2009
 
* J. Olsson, M. Boldt, [http://www.dfrws.org/2009/proceedings/p78-olsson.pdf "Computer forensic timeline visualization tool"], ScienceDirect Digital Investigation, Volume 6, September 2009
 
* Jewan Bang, BY Yoo, JS Kim, SJ Lee, [http://forensic.korea.ac.kr/research/Conference/Analysis_of_Time_Information_for_Digital_Investigation.pdf "Analysis of Time Information for Digital Investigation"], NCM 2009, 5th International Joint Conference on INC, IMS, IDC, August 2009
 
* Jewan Bang, BY Yoo, JS Kim, SJ Lee, [http://forensic.korea.ac.kr/research/Conference/Analysis_of_Time_Information_for_Digital_Investigation.pdf "Analysis of Time Information for Digital Investigation"], NCM 2009, 5th International Joint Conference on INC, IMS, IDC, August 2009
Line 22: Line 23:
 
* [http://well-formed-data.net/archives/26/visualizing-gaps-in-time-based-lists Visualizing gaps in time-based lists], Moritz Stefaner, November 6, 2000
 
* [http://well-formed-data.net/archives/26/visualizing-gaps-in-time-based-lists Visualizing gaps in time-based lists], Moritz Stefaner, November 6, 2000
  
==Programs==
+
== Tools ==
 
; [[Zeitline]] — Forensic timeline editor
 
; [[Zeitline]] — Forensic timeline editor
 
: http://projects.cerias.purdue.edu/forensics/timeline.php
 
: http://projects.cerias.purdue.edu/forensics/timeline.php
Line 40: Line 41:
 
; [[Aftertime]] - Java based application for creating timelines
 
; [[Aftertime]] - Java based application for creating timelines
 
: http://www.holmes.nl/NFIlabs/Aftertime/index.html
 
: http://www.holmes.nl/NFIlabs/Aftertime/index.html
 +
ns.org/computer-forensics/2009/08/13/artifact-timeline-creation-and-analysis-tool-release-log2timeline/
 +
: https://blogs.sans.org/computer-forensics/2009/08/14/artifact-timeline-creation-and-analysis-part-2/
  
==See Also==
+
; [[sorter]] — [[Sleuthkit]]'s [[MAC times]] sorting program.
* http://www.timeforensics.com/
+
  
 +
; [http://code.google.com/p/simile-widgets/ Simile Timeline and Timeplot]
  
 +
; [[PTK]] has a timeline analysis tool.
  
 +
; [[Aftertime]] - Java based application for creating timelines
 +
: http://www.holm
 +
; [[TimeFlow]] - Visual timelines for investigation - source freely available
 +
https://github.com/FlowingMedia/TimeFlow/wiki/
  
 +
== External Links ==
 +
* http://www.timeforensics.com/
  
 
[[Category:Tools]]
 
[[Category:Tools]]
 
[[Category:Bibliographies]]
 
[[Category:Bibliographies]]
 
[[Category:Timeline Analysis]]
 
[[Category:Timeline Analysis]]

Revision as of 20:23, 27 August 2012

Papers

Tools

Zeitline — Forensic timeline editor
http://projects.cerias.purdue.edu/forensics/timeline.php
http://sourceforge.net/projects/zeitline/
log2timeline - An artifact timeline creation and analysis framework
http://log2timeline.net
https://blogs.sans.org/computer-forensics/2009/08/13/artifact-timeline-creation-and-analysis-tool-release-log2timeline/
https://blogs.sans.org/computer-forensics/2009/08/14/artifact-timeline-creation-and-analysis-part-2/
sorterSleuthkit's MAC times sorting program.
Simile Timeline and Timeplot
PTK has a timeline analysis tool.
Aftertime - Java based application for creating timelines
http://www.holmes.nl/NFIlabs/Aftertime/index.html

ns.org/computer-forensics/2009/08/13/artifact-timeline-creation-and-analysis-tool-release-log2timeline/

https://blogs.sans.org/computer-forensics/2009/08/14/artifact-timeline-creation-and-analysis-part-2/
sorterSleuthkit's MAC times sorting program.
Simile Timeline and Timeplot
PTK has a timeline analysis tool.
Aftertime - Java based application for creating timelines
http://www.holm
TimeFlow - Visual timelines for investigation - source freely available

https://github.com/FlowingMedia/TimeFlow/wiki/

External Links