{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,29]],"date-time":"2025-10-29T03:34:58Z","timestamp":1761708898174,"version":"3.28.0"},"reference-count":17,"publisher":"IEEE","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2013,3]]},"DOI":"10.1109\/imf.2013.20","type":"proceedings-article","created":{"date-parts":[[2013,8,1]],"date-time":"2013-08-01T16:12:45Z","timestamp":1375373565000},"page":"98-112","source":"Crossref","is-referenced-by-count":12,"title":["Forensic Application-Fingerprinting Based on File System Metadata"],"prefix":"10.1109","author":[{"given":"Sven","family":"Kalber","sequence":"first","affiliation":[]},{"given":"Andreas","family":"Dewald","sequence":"additional","affiliation":[]},{"given":"Felix C.","family":"Freiling","sequence":"additional","affiliation":[]}],"member":"263","reference":[{"journal-title":"Popstate Dat-MozillaZine Knowledge Base","year":"2011","key":"17"},{"journal-title":"Microsoft Windows XP Professional Resource Kit","year":"2003","key":"15"},{"key":"16","doi-asserted-by":"publisher","DOI":"10.1109\/SADFE.2009.12"},{"key":"13","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-19513-6_8"},{"journal-title":"Nmap Network Scanning The Official Nmap Project Guide to Network Discovery and Security Scanning","year":"2009","author":"lyon","key":"14"},{"key":"11","doi-asserted-by":"publisher","DOI":"10.1109\/SADFE.2007.22"},{"key":"12","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2011.05.009"},{"key":"3","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2006.06.003"},{"key":"2","doi-asserted-by":"crossref","first-page":"76","DOI":"10.1145\/1113034.1113074","article-title":"Next-generation digital forensics","volume":"49","author":"golden g","year":"2006","journal-title":"Commun ACM"},{"key":"1","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2010.05.009"},{"key":"10","doi-asserted-by":"crossref","first-page":"201","DOI":"10.1016\/j.diin.2005.07.003","article-title":"The windows registry as a forensic resource","volume":"2","author":"carvey","year":"2005","journal-title":"Digital Investigation"},{"key":"7","doi-asserted-by":"publisher","DOI":"10.1520\/JFS2004127"},{"journal-title":"File System Forensic Analysis","year":"2005","author":"carrier","key":"6"},{"journal-title":"Digital evidence and computer crime Forensic science computers and the Internet","year":"2011","author":"casey","key":"5"},{"key":"4","doi-asserted-by":"publisher","DOI":"10.1109\/IMF.2013.16"},{"journal-title":"The Proceedings of the Ninth Annual DFRWS Conference","year":"0","key":"9"},{"key":"8","doi-asserted-by":"publisher","DOI":"10.1016\/j.diin.2009.06.009"}],"event":{"name":"2013 Seventh International Conference on lT Security lncident Management and lT Forensics (IMF)","start":{"date-parts":[[2013,3,12]]},"location":"Nuremberg, Germany","end":{"date-parts":[[2013,3,14]]}},"container-title":["2013 Seventh International Conference on IT Security Incident Management and IT Forensics"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/6568360\/6568536\/06568558.pdf?arnumber=6568558","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,6,21]],"date-time":"2017-06-21T13:14:18Z","timestamp":1498050858000},"score":1,"resource":{"primary":{"URL":"http:\/\/ieeexplore.ieee.org\/document\/6568558\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,3]]},"references-count":17,"URL":"https:\/\/doi.org\/10.1109\/imf.2013.20","relation":{},"subject":[],"published":{"date-parts":[[2013,3]]}}}