Murdoch University Research Repository

Welcome to the Murdoch University Research Repository

The Murdoch University Research Repository is an open access digital collection of research
created by Murdoch University staff, researchers and postgraduate students.

Learn more

A survey on forensic investigation of operating system logs

Studiawan, H., Sohel, F. and Payne, C. (2019) A survey on forensic investigation of operating system logs. Digital Investigation, 29 . pp. 1-20.

PDF - Authors' Version
Download (1MB) | Preview
Link to Published Version:
*Subscription may be required


Event logs are one of the most important sources of digital evidence for forensic investigation because they record essential activities on the system. In this paper, we present a comprehensive literature survey of the forensic analysis on operating system logs. We present a taxonomy of various techniques used in this area. Additionally, we discuss the tools that support the examination of the event logs. This survey also gives a review of the publicly available datasets that are used in operating system log forensics research. Finally, we suggest potential future directions on the topic of operating system log forensics.

Item Type: Journal Article
Murdoch Affiliation(s): Information Technology, Mathematics and Statistics
Publisher: Elsevier Ltd
Copyright: © 2019 Elsevier Ltd.
Item Control Page Item Control Page


Downloads per month over past year