Indian Kanoon - Search engine for Indian Law

In a paper published by SANS Institute dowloaded from the SANS Computer Forensics and e-Discovery site titled as 'Fight Crime' "Unravel incidents ..... one byte at a time" in the chapter 'Detection of Backdating the System Clock in Windows' reads as under :

"In the digital forensic industry, evidence concerning date andtime is a fundamental part of many investigations. As one of the most commonly used anti-forensic approaches, system backdating has appeared in more and more investigations. Since the system clock can be set back manually, it is important for investigations to identify the reliability of date and time so as to make further decision. However, there is no simple way to tell whether the system clock has been backdated or tampered especially when it was subsequently reset to the correct time. There are variety of artifacts to detect the behavior of backdating the system clock. If the investigator needs to prove the hypothesis that "the system clock has not been backdated." he or she must examine multiple artifacts for corroboration."