Obfuscating Live Computer Forensic Investigative Process on a Windows 7 Operating System: A Criminal's Perspective
نویسندگان
چکیده
منابع مشابه
Obfuscating Live Computer Forensic Investigative Process on a Windows 7 Operating System: A Criminals Perspective
Live forensic investigation is conducted when the computer system is turned on whilst the data is gathered in a forensically sound manner, from the physical memory, in the form of evidence. As time progressed, criminals have been developing methodologies by which live analysis could be defeated. One such method implemented by the criminals is that of a rookit being installed on the victim'...
متن کاملA Live Digital Forensic system for Windows networks
This paper presents FOXP (computer FOrensic eXPerience), an open source project to support network Live Digital Forensics (LDF), where the network nodes run a Windows NT family Operating System (OS). In particular, the FOXP architecture is composed of a set of software sensors, once for every network node, that log node activities and then send these logs to a FOXP collector node; this collecto...
متن کاملLive Memory Acquisition for Windows Operating Systems:
Cover Page and Abstract Tools and Techniques for Analysis The live acquisition of volatile memory (RAM) is an area in digital forensics that has not garnered much attention until most recently. The importance of the contents of physical memory has always taken a back seat to what is considered more important – the contents of physical media. However, a great deal of information can be acquired ...
متن کاملWindows Operating System Vulnerabilities
Computers have brought about a revolution across all industries. Computers have become the most important part for the success of any enterprise. Computers are the best means for proper storage and management of data. They can assist as knowledge bases and can be utilized for financial transactions due to their processing power and storage capacities. PCs handle and keep a track of data which i...
متن کاملForensic Analysis of the Windows 7 Registry
The recovery of digital evidence of crimes from storage media is an increasingly time consuming process as the capacity of the storage media is in a state of constant growth. It is also a difficult and complex task for the forensic investigator to analyse all of the locations in the storage media. These two factors, when combined, may result in a delay in bringing a case to court. The concept o...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: International Journal of Computer Applications
سال: 2015
ISSN: 0975-8887
DOI: 10.5120/21701-4814