
A Futuristic Digital Forensic Software Framework for Analyzing the Registry of Windows Based Systems

Sangita M. Tabarno, Ashish K. Sharma, Nilmani Verma

Abstract


Today, computers and the internet have become an integral part of one's life. However, the increasing use of computers and the internet brings a major problem: computer crime, which has increased considerably. Digital forensics is the buzzword of the current era; it deals with the acquisition, preservation, and analysis of digital evidence. The operating system is the main component of any computer and can be meticulously explored to examine computer crime. This study focuses on the Windows operating system only. The Windows registry is the cornerstone of the Windows operating system. Moreover, it acts as a potential source of evidential data and thus proves to be a fertile area for crime investigation. However, the process is tedious and time-consuming and cannot be dealt with manually. To address these issues, this paper proposes a futuristic software framework for analyzing the registry of Windows-based systems. The proposed framework is built using Visual Basic (VB) and Windows Application Programming Interfaces (APIs). It is developed as part of the Digital Forensic Tool for Windows Registry Analysis Software, and it is anticipated that, when completely developed, it will act as a vital component.

Keywords


API, Operating System, Software Framework, Visual Basic, Windows Registry.




This work is licensed under a Creative Commons Attribution 3.0 License.