The number of Child Sexual Abuse Material (CSAM) cases has increased dramatically in recent years. This leads to the need to automate various steps in digital forensic processing, especially for CSAM investigations. For instance, if CSAM pictures are found on a device, the investigator aim at finding traces about the origin and possible further dissemination, respectively. In this article, we address this challenge with respect to the widespread Windows operating system. We model different common scenarios of system use by CSAM offenders in the scope of file inbound and outbound transfer channels. This gives us insights about digital traces in the Windows operating system and its applications to get knowledge about origin and possible destination of a file. We review available concepts and applications to support this issue. Furthermore, we develop a recursive-based approach and provide a prototype as plugin for the open source application Autopsy. We call our prototype AutoTrack . Our evaluation against the different models of Windows system usage reveals that Autotrack is superior to existing solutions and provides support for an investigator to find digital traces about the origin and possible further dissemination of files. We publish our AutoTrack plugin and thus provide full reproducibility of our approach.

More from our Archive

• DOI: 10.3390/electronics12132857 2023

  Word-of-Mouth Engagement in Online Social Networks: Influence of Network Centrality and Density

  Bogdan Anastasiei, Nicoleta Dospinescu, Octavian Dospinescu

• DOI: 10.3390/systems11070329 2023

  Smarter and Prosperous: Digital Transformation and Enterprise Performance

  Da Gao, Zhiliang Yan, Xiaotian Zhou, Xinlin Mo

• DOI: 10.3390/systems11070351 2023

  Harnessing the Power of ChatGPT for Automating Systematic Review Process: Methodology, Case Study, Limitations, and Future Directions

  Ahmad Alshami, Moustafa Elsayed, Eslam Ali, Abdelrahman E. E. Eltoukhy, Tarek Zayed

• DOI: 10.3390/electronics12132921 2023

  Novel Heuristic Optimization Technique to Solve Economic Load Dispatch and Economic Emission Load Dispatch Problems

  Nagendra Singh, Tulika Chakrabarti, Prasun Chakrabarti, Martin Margala, Amit Gupta, S. Phani Praveen, Sivaneasan Bala Krishnan, Bhuvan Unhelkar

• DOI: 10.3390/systems11070336 2023

  Evaluation of Tourism Ecological Security and Its Driving Mechanism in the Yellow River Basin, China: Based on Open Systems Theory and DPSIR Model

  Xiaorong He, Chaoyue Cai, Jizhi Shi

• DOI: 10.1364/jocn.489228 2023

  Perspectives on and the road towards 100  Gb/s TDM PON with intensity-modulation and direct-detection

  Rene Bonk, Ed Harstead, Robert Borkowski, Vincent Houtsma, Yannick Lefevre, Amitkumar Mahadevan, Dora van Veen, Michiel Verplaetse, Sheldon Walklin

• DOI: 10.3390/electronics12143103 2023

  DDoS Attack Detection in IoT-Based Networks Using Machine Learning Models: A Survey and Research Directions

  Amal A. Alahmadi, Malak Aljabri, Fahd Alhaidari, Danyah J. Alharthi, Ghadi E. Rayani, Leena A. Marghalani, Ohoud B. Alotaibi, Shurooq A. Bajandouh

• DOI: 10.3390/computers12070141 2023

  A Deep Learning Network with Aggregation Residual Transformation for Human Activity Recognition Using Inertial and Stretch Sensors

  Sakorn Mekruksavanich, Anuchit Jitpattanakul

• DOI: 10.3390/systems11070348 2023

  Failure Mode and Effect Analysis with a Fuzzy Logic Approach

  José Jovani Cardiel-Ortega, Roberto Baeza-Serrato

• DOI: 10.3390/electronics12132984 2023

  DRL-Based Backbone SDN Control Methods in UAV-Assisted Networks for Computational Resource Efficiency

  Inseok Song, Prohim Tam, Seungwoo Kang, Seyha Ros, Seokhoon Kim