Non-Volatile Memory Forensic Analysis in Windows 10 IoT Core
نویسندگان
چکیده
منابع مشابه
Forensic Analysis of the Windows Registry in Memory
This paper describes the structure of the Windows registry as it is stored in physical memory. We present tools and techniques that can be used to extract this data directly from memory dumps. We also provide guidelines to aid investigators and experimentally demonstrate the value of our techniques. Finally, we describe a compelling attack that modifies the cached version of the registry withou...
متن کاملWindows Volatile Memory Forensics Based on Correlation Analysis
In this paper, we present an integrated memory forensic solution for multiple Windows memory images. By calculation, the method can find out the correlation degree among the processes of volatile memory images and the hidden clues behind the events of computers, which is usually difficult to be obtained and easily ignored by analyzing one single memory image and forensic investigators. In order...
متن کاملVolatile and Non-Volatile Single Electron Memory
Multi Tunnel Junctions (MTJs) have attracted much attention recently in the fields of Single-Electron Devices (SED) in particular Single-Electron Memory (SEM). In this paper, we have design and study a nano-device structure using a two dimensional array MTJs for Volatile and Non-Volatile-SEM, in order to analyze the impact of physical parameters on the performances. We investigate the single-el...
متن کاملA forensic insight into Windows 10 Jump Lists
The records maintained by Jump Lists have the potential to provide a rich source of evidence about users’ historic activity to the forensic investigator. The structure and artifacts recorded by Jump Lists have been widely discussed in various forensic communities since its debut in Microsoft Windows 7. However, this feature has more capabilities to reveal evidence in Windows 10, due to its modi...
متن کاملForensic Analysis of the Windows 7 Registry
The recovery of digital evidence of crimes from storage media is an increasingly time consuming process as the capacity of the storage media is in a state of constant growth. It is also a difficult and complex task for the forensic investigator to analyse all of the locations in the storage media. These two factors, when combined, may result in a delay in bringing a case to court. The concept o...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Entropy
سال: 2019
ISSN: 1099-4300
DOI: 10.3390/e21121141