Live digital forensics: Windows XP vs Windows 7

FENU, GIANNI;SOLINAS, FABRIZIO
2013-01-01

Abstract

Over the last few years, analysing a computer or a digital device has become a necessity in the field of criminal investigations. Traditional digital forensics analysis includes static analysis, which concerns data that are permanently stored in devices, and live analysis, which concerns data that are temporarily stored in equipment or that transit in networks. This paper proposes a live forensics analysis on two different operating systems: Windows XP and Windows Seven. The case study focuses on some common applications such as Skype, Google Talk and the browser Internet Explorer. The last of these is considered only in those cases in which the browser is surfing on Facebook, Yahoo, Hotmail and Gmail. In addition, although many applications of this type are paid software, one of the main objectives of this work has been to use only free software, in order to show that the same results can be obtained while minimizing costs.
2013
978-1-4673-5255-0
Live forensics; RAM forensics analysis; Computer forensic investigation; Cybercrime; Investigation
Files in this item:
PID2883049.pdf (access: archive managers only; type: post-print version (AAM); size: 357.31 kB; format: Adobe PDF)

Use this identifier to cite or link to this document: https://hdl.handle.net/11584/105638