Windows operating systems agnostic memory analysis

Windows Operating System Agnostic Memory Analysis

Memory analysis is an integral part of any computer forensic investigation, providing access to volatile data not found on a drive image. While memory analysis has recently made significant progress, it is still hampered by hard-coded tools that cannot generalize beyond the specific operating system and version they were developed for. This paper proposes using the debug structures embedded in ...

Live Memory Acquisition for Windows Operating Systems:

Cover Page and Abstract Tools and Techniques for Analysis The live acquisition of volatile memory (RAM) is an area in digital forensics that has not garnered much attention until most recently. The importance of the contents of physical memory has always taken a back seat to what is considered more important – the contents of physical media. However, a great deal of information can be acquired ...

Forensically Important Artifacts in Windows Operating systems

Performance Evaluation of Recent Windows Operating Systems

The primary goal of most OSs (Operating Systems) is the efficient use of computer systems software and hardware resources. Since Windows OSs are most widely used OS for personal computers, they need to satisfy needs of all different kind of computer systems users. In comparison with Windows XP, new versions of the Windows OS; namely Windows Vista and Windows 7, introduce a number of new feature...

Windows Operating System Vulnerabilities

Computers have brought about a revolution across all industries. Computers have become the most important part for the success of any enterprise. Computers are the best means for proper storage and management of data. They can assist as knowledge bases and can be utilized for financial transactions due to their processing power and storage capacities. PCs handle and keep a track of data which i...