Yahoo Messenger Forensics on Windows Vista and Windows 7

Page Content

Download

Download PDF Document
PDF

Author

Matthew Levendoski, Tejashree Datar, Dr. Marc Rogers

Tech report number

CERIAS TR 2011-11

Entry type

conference

Abstract

The purpose of this study is to identify several areas of forensic interest within the Yahoo! Messenger application, which are of forensic significance. This study focuses on new areas of interest within the file structure of Windows Vista and Windows 7. One of the main issues with this topic is that little research has been previously conducted on the new Windows platforms. Previously conducted research indicates the evidence found on older file structures, such as Windows XP, as well as outdated versions of Yahoo! Messenger. Several differences were found within the Yahoo Messenger’s registry keys and directory structure on Windows Vista and Windows 7 as compared to Windows XP.

Download

PDF

Date

2011 – 10 – 24

Institution

Purdue University

Key alpha

Levendoski, Datar, Rogers

School

Computer Information Technology

Affiliation

Master Student in Cyber Forensics

Publication Date

2011-10-24

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.