Keywords
Digital forensic investigation, event timelines, Windows registry, user digital footprint, privacy risk, data protection
Abstract
The Windows registry serves as a valuable resource for both digital forensics experts and security researchers. The information it holds is invaluable for reconstructing a user's activity timeline, aiding forensic investigations, and revealing other sensitive information. Furthermore, this abundance of data in the Windows registry can be effortlessly tapped into and compiled to form a comprehensive digital profile of the user. Within this dissertation, we've developed specialized applications to streamline the retrieval and presentation of user activities, culminating in the creation of their digital profile. The first application, named "SeeShells," uses Windows registry shellbags to offer investigators an accessible tool for scrutinizing and generating event timelines based on specific criteria like file access patterns and system navigations. It boasts analytical features that can identify potentially suspicious events through a heat mapping system. In the context of our research, we've also crafted another application designed to collect and deduce a user's extensive activities by solely accessing the Windows registry. This program effectively sidesteps security software by utilizing the native Windows application programming interface (API) to interact with the registry, granting unrestricted access to valuable information. This trove of data, often referred to as the user's digital footprint, holds the potential to either investigate or compromise both the user's privacy and security. Finally, we propose a custom-developed application that utilizes both software-based encryption and advanced hooking techniques to protect users' personal data within the registry. Our program is designed to create a more secure and discreet environment for users, effectively fortifying it against privacy and security threats while maintaining accessibility to legitimate users and applications.
Completion Date
2024
Semester
Spring
Committee Chair
Zou, Cliff
Degree
Doctor of Philosophy (Ph.D.)
College
College of Engineering and Computer Science
Department
Electrical and Computer Engineering
Degree Program
Computer Engineering
Format
application/pdf
Identifier
DP0028287
URL
https://purls.library.ucf.edu/go/DP0028287
Language
English
Rights
In copyright
Release Date
May 2024
Length of Campus-only Access
None
Access Status
Doctoral Dissertation (Open Access)
Campus Location
Orlando (Main) Campus
STARS Citation
Amoruso, Edward L., "Privacy and Security of the Windows Registry" (2024). Graduate Thesis and Dissertation 2023-2024. 118.
https://stars.library.ucf.edu/etd2023/118
Accessibility Status
Meets minimum standards for ETDs/HUTs