FALI: Time Memory Information of Windows Computer Systems
نویسندگان
چکیده
منابع مشابه
A study of application level information from the volatile memory of Windows computer systems
......................................................................................................................................... 3 Acknowledgements ....................................................................................................................... 6 List of Abbreviations ...................................................................................................
متن کاملCollecting Sensitive Information from Windows Physical Memory
When investigators are faced with a target system, they want to find sensitive information such as userID and password. Unfortunately, sensitive information can not be found on the hard drive in most cases. Consequently, sensitive information needs to be gathered from physical memory. In our research, we have found lots of sensitive information from physical memory by different techniques. Besi...
متن کاملLive Memory Acquisition for Windows Operating Systems:
Cover Page and Abstract Tools and Techniques for Analysis The live acquisition of volatile memory (RAM) is an area in digital forensics that has not garnered much attention until most recently. The importance of the contents of physical memory has always taken a back seat to what is considered more important – the contents of physical media. However, a great deal of information can be acquired ...
متن کاملOn the Identification of Information Extracted from Windows Physical Memory
Forensic investigation of the physical memory of computer systems is gaining the attention of experts in the digital forensics community. Forensic investigators find it helpful to seize and capture data from the physical memory and perform post-incident analysis when identifying potential evidence. However, there have been few investigations which have identified the quantity and quality of inf...
متن کاملExtraction of Forensically Sensitive Information from Windows Physical Memory
Forensic analysis of physical memory is gaining good attention from experts in the community especially after recent development of valuable tools and techniques. Investigators find it very helpful to seize physical memory contents and perform post-incident analysis of this potential evidence. Most of the research carried out focus on enumerating processes and threads by accessing memory reside...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: International Journal of Intelligent Computing Research
سال: 2013
ISSN: 2042-4655
DOI: 10.20533/ijicr.2042.4655.2013.0046