Bc. Michal Masrna

Bachelor's thesis

Utilization of NTFS metadata to facilitate digital forensics

Utilization of NTFS metadata to facilitate digital forensics
Abstract:
Táto práca popisuje metódy automatickej detekcie súborov súvisiacich s kyberbezpečnostným incidentom počas jeho vyšetrovania na základe metadát súborového systému. Táto práca sa zameriava na súborový systém NTFS na operačných systémoch Microsoft Windows 10 a 11. Práca opisuje vnútornú štruktúru NTFS a dokumentuje, ako Windows aktualizuje časové značky počas konkrétnych operácií so súbormi a adresármi …more
Abstract:
This thesis introduces methods for automatically detecting files likely connected to a cybersecurity incident during its investigation based on file system metadata. This thesis focuses on the NTFS file system on Microsoft Windows 10 and 11 operating systems. It describes the internal structure of NTFS and documents how Windows handles timestamp updates during specific file and directory operations …more
 
 
Language used: English
Date on which the thesis was submitted / produced: 18. 5. 2023

Thesis defence

  • Date of defence: 28. 6. 2023
  • Supervisor: RNDr. Daniel Kouřil, Ph.D.
  • Reader: RNDr. Tomáš Rebok, Ph.D.

Citation record

Full text of thesis

Contents of on-line thesis archive
Published in Theses:
  • světu
Other ways of accessing the text
Institution archiving the thesis and making it accessible: Masarykova univerzita, Fakulta informatiky

Masaryk University

Faculty of Informatics

Bachelor programme / field:
Informatics / Informatics

Theses on a related topic

  • No theses on a related topic available.