Difference between pages "Upcoming events" and "Windows 8"

From ForensicsWiki
(Difference between pages)
Jump to: navigation, search
(Calls For Papers)
 
(External Links)
 
Line 1: Line 1:
<b>PLEASE READ BEFORE YOU EDIT THE LISTS BELOW</b><br>
+
Initially Windows 8 had a workstation and server edition. The server edition became Windows Server 2012.
When events begin the same day, events of a longer length should be listed first.  New postings of events with the same date(s) as other events should be added after events already in the list. Please use three-letter month abbreviations (i.e. Sep, NOT Sept. or September), use two digit dates (i.e. Jan 01 NOT Jan 1), and use date ranges rather than listing every date during an event(i.e. Jan 02-05, NOT Jan 02, 03, 04, 05).<br>
+
<i>Some events may be <u>limited</u> to <b>Law Enforcement Only</b> or to a specific audience. Such restrictions should be noted when known.</i>
+
  
This is a BY DATE listing of upcoming events relevant to [[digital forensics]].  It is not an all inclusive list, but includes most well-known activities.  Some events may duplicate events on the generic [[conferences]] page, but entries in this list have specific dates and locations for the upcoming event.
+
== New Features ==
 +
The following new features were introduced in Windows 8:
 +
* [[Windows File History | File History]]
 +
* [[Windows Storage Spaces | Storage Spaces]]
 +
* [[Search Charm History]]
  
This listing is divided into three sections (described as follows):<br>
+
== File System ==
<ol><li><b><u>[[Upcoming_events#Calls_For_Papers|Calls For Papers]]</u></b> - Calls for papers for either Journals or for Conferences, relevant to Digital Forensics (Name, Closing Date, URL)</li><br>
+
The file system used by Windows 8 is primarily [[NTFS]].
<li><b><u>[[Upcoming_events#Conferences|Conferences]]</u></b> - Conferences relevant for Digital Forensics (Name, Date, Location, URL)</li><br>
+
<li><b><u>[[Training Courses and Providers]]</u></b> - Training </li><br></ol>
+
  
== Calls For Papers ==
+
The [[Resilient File System (ReFS)]] was initially available in the Windows 8 server edition but became part of Windows 2012 server edition.
Please help us keep this up-to-date with deadlines for upcoming conferences that would be appropriate for forensic research.
+
  
{| border="0" cellpadding="2" cellspacing="2" align="top"
+
== Jump Lists ==
|- style="background:#bfbfbf; font-weight: bold"
+
[[Jump Lists]] are Task Bar artifacts that were first introduced on Windows 7 and are also available on Windows 8.
! width="30%|Title
+
! width="15%"|Due Date
+
! width="15%"|Notification Date
+
! width="40%"|Website
+
|-
+
|New Security Paradigms Workshop (NSPW)
+
|Apr 12, 2013
+
|Jun 07, 2013
+
|http://www.nspw.org/2013/cfp
+
|-
+
|5th International Conference on Digital Forensics & Cyber Crime (ICDF2C 2013)
+
|Apr 30, 2013
+
|Jun 01, 2013
+
|http://d-forensics.org/2013/show/cf-papers
+
|-
+
|2nd Cyberpatterns: Unifying Design Patterns with Security, Attack and Forensic Patterns Workshop
+
|May 20, 2013
+
|Jun 10, 2013
+
|http://tech.brookes.ac.uk/CyberPatterns2013
+
|-
+
|}
+
  
See also [http://www.wikicfp.com/cfp/servlet/tool.search?q=forensics WikiCFP 'Forensics']
+
== [[Prefetch]] ==
 +
The prefetch hash function is similar to [[Windows 2008]].
  
== Conferences ==
+
The [[Windows Prefetch File Format]] was changed on Windows 8.1 to version 26. (note this could be Windows 8 as well but has not been confirmed)
{| border="0" cellpadding="2" cellspacing="2" align="top"
+
|- style="background:#bfbfbf; font-weight: bold"
+
! width="40%"|Title
+
! width="20%"|Date/Location
+
! width="40%"|Website
+
|-
+
|CERIAS 14th Annual Information Security Symposium
+
|Apr 03-04<br>West Lafayette, IN
+
|http://www.cerias.purdue.edu/site/symposium2013
+
|-
+
|8th Annual Workshop on Digital Forensics and Incident Analysis (WDFIA)
+
|May 08-10<br>Lisbon, Portugal
+
|http://www.wdfia.org/default.asp
+
|-
+
|European Information Security Multi-Conference (EISMC 2013)
+
|May 08-10<br>Lisbon, Portugal
+
|http://www.eismc.org/
+
|-
+
|IEEE Symposium on Security & Privacy
+
|May 19-23<br>San Francisco, CA
+
|http://www.ieee-security.org/TC/SP2013/index.html
+
|-
+
|International Workshop on Cyber Crime
+
|May 24<br>San Francisco, CA
+
|http://stegano.net/IWCC2013/
+
|-
+
|Techno Security and Forensics Investigation Conference
+
|Jun 02-05<br>Myrtle Beach, SC
+
|http://www.thetrainingco.com/html/Security%20Conference%202013.html
+
|-
+
|Mobile Forensics World
+
|Jun 02-05<br>Myrtle Beach, SC
+
|http://www.techsec.com/html/MFC-2013-Spring.html
+
|-
+
|ADFSL 2013 Conference on Digital Forensics, Security and Law
+
|Jun 10-12<br>Richmond, VA
+
|http://www.digitalforensics-conference.org/index.htm
+
|-
+
|FIRST Conference
+
|Jun 16-21<br>Bangkok, Thailand
+
|http://conference.first.org/2013/
+
|-
+
|The 1st ACM Workshop on Information Hiding and Multimedia Security
+
|Jun 17-19<br>Montpellier, France
+
|http://ihmmsec.org/
+
|-
+
|28th IFIP TC-11 SEC 2013 International Information Security and Privacy Conference
+
|Jul 08-10<br>Auckland, New Zealand
+
|http://www.sec2013.org/
+
|-
+
|The Second International Workshop on Cyber Patterns: Unifying Design Patterns with Security, Attack and Forensic Patterns
+
|Jul 08-09<br>Abingdon, Oxfordshire, United Kingdom
+
|http://tech.brookes.ac.uk/CyberPatterns2013
+
|-
+
|Symposium On Usable Privacy and Security
+
|Jul 24-26<br>Newcastle, United Kingdom
+
|http://cups.cs.cmu.edu/soups/2013/
+
|-
+
|DFRWS 2013
+
|Aug 04-07<br>Monterey, CA
+
|http://dfrws.org/2013
+
|-
+
|Regional Computer Forensics Group GMU 2013
+
|Aug 05-09<br>Fairfax, VA
+
|http://www.rcfg.org
+
|-
+
|6th USENIX Workshop on Large-Scale Exploits and Emergent Threats (LEET '13)
+
|Aug 12<br>Washington, DC
+
|https://www.usenix.org/conferences?page=1
+
|-
+
|8th USENIX Workshop on Hot Topics in Security (HotSec '13)
+
|Aug 13<br>Washington, DC
+
|https://www.usenix.org/conferences?page=1
+
|-
+
|22nd USENIX Security Symposium - USENIX Security '13
+
|Aug 14-16<br>Washington, DC
+
|https://www.usenix.org/conference/usenixsecurity13
+
|-
+
|6th International Workshop on Digital Forensics (WSDF 2013)
+
|Sep 02-06<br>Regensburg, Germany
+
|http://www.ares-conference.eu/conf/index.php?option=com_content&view=article&id=49&Itemid=95
+
|-
+
|New Security Paradigms Workshop (NSPW)
+
|Sep 09-12<br>The Banff Center, Canada
+
|http://www.nspw.org/current/
+
|-
+
|5th International Conference on Digital Forensics & Cyber Crime
+
|Sep 25-27<br>Moscow, Russia
+
|http://d-forensics.org/2013/show/home
+
|-
+
|VB2013 - the 23rd Virus Bulletin International Conference
+
|Oct 02-04<br>Berlin, Germany
+
|http://www.virusbtn.com/conference/vb2013/index
+
|-
+
|}
+
  
==See Also==
+
== Registry ==
* [[Training Courses and Providers]]
+
The [[Windows_Registry|Windows Registry]] remains a core component of the Windows operating system.
==References==
+
 
* [http://faculty.cs.tamu.edu/guofei/sec_conf_stat.htm Computer Security Conference Ranking and Statistic]
+
== Application Experience and Compatibility ==
* [http://www.kdnuggets.com/meetings/ Meetings and Conferences in Data Mining and Discovery]
+
On Windows 8 Amcache.hve replaces RecentFileCache.bcf and uses the [[Windows NT Registry File (REGF)]] format. A common location for Amcache.hve is:
* http://www.conferencealerts.com/data.htm Data Mining Conferences World-Wide]
+
<pre>
 +
C:\Windows\AppCompat\Programs\Amcache.hve
 +
</pre>
 +
 
 +
== See Also ==
 +
* [[Windows]]
 +
* [[Windows Vista]]
 +
* [[Windows 7]]
 +
 
 +
== External Links ==
 +
* [http://en.wikipedia.org/wiki/Features_new_to_Windows_8 Features new to Windows 8], Wikipedia
 +
* [http://computerforensics.champlain.edu/blog/windows-8-forensics Windows 8 Forensics - part 1]
 +
* [http://computerforensics.champlain.edu/blog/windows-8-forensics-part-2 Windows 8 Forensics - part 2]
 +
* [http://computerforensics.champlain.edu/blog/windows-8-forensics-part-3 Windows 8 Forensics - part 3]
 +
* [http://propellerheadforensics.files.wordpress.com/2012/05/thomson_windows-8-forensic-guide2.pdf Windows 8 Forensic Guide], by [[Amanda Thomson|Amanda C. F. Thomson]], 2012
 +
* [http://forensicfocus.com/Forums/viewtopic/t=9604/ Forensic Focus: Windows 8 Forensics - A First Look], [http://www.youtube.com/watch?v=uhCooEz9FQs&feature=youtu.be Presentation], [http://www.forensicfocus.com/downloads/windows-8-forensics-josh-brunty.pdf Slides], by [[Josh Brunty]], August 2012
 +
* [http://dfstream.blogspot.ch/2013/03/windows-8-tracking-opened-photos.html Windows 8: Tracking Opened Photos], by [[Jason Hale]], March 8, 2013
 +
* [http://dfstream.blogspot.com/2013/09/windows-8-and-81-search-charm-history.html Windows 8 and 8.1: Search Charm History], by [[Jason Hale]], September 9, 2013
 +
* [http://www.swiftforensics.com/2013/12/amcachehve-in-windows-8-goldmine-for.html Amcache.hve in Windows 8 - Goldmine for malware hunters], by Yogesh Khatri, December 4, 2013
 +
* [http://www.swiftforensics.com/2013/12/amcachehve-part-2.html Amcache.hve - Part 2], by Yogesh Khatri, December 16, 2013
 +
 
 +
[[Category:Operating systems]]

Latest revision as of 15:13, 16 December 2013

Initially Windows 8 had a workstation and server edition. The server edition became Windows Server 2012.

New Features

The following new features were introduced in Windows 8:

File System

The file system used by Windows 8 is primarily NTFS.

The Resilient File System (ReFS) was initially available in the Windows 8 server edition but became part of Windows 2012 server edition.

Jump Lists

Jump Lists are Task Bar artifacts that were first introduced on Windows 7 and are also available on Windows 8.

Prefetch

The prefetch hash function is similar to Windows 2008.

The Windows Prefetch File Format was changed on Windows 8.1 to version 26. (note this could be Windows 8 as well but has not been confirmed)

Registry

The Windows Registry remains a core component of the Windows operating system.

Application Experience and Compatibility

On Windows 8 Amcache.hve replaces RecentFileCache.bcf and uses the Windows NT Registry File (REGF) format. A common location for Amcache.hve is:

C:\Windows\AppCompat\Programs\Amcache.hve

See Also

External Links