File Download
There are no files associated with this item.
Links for fulltext
(May Require Subscription)
- Publisher Website: 10.1007/978-3-642-15506-2_13
- Scopus: eid_2-s2.0-78651108753
- Find via
Supplementary
-
Citations:
- Scopus: 0
- Appears in Collections:
Conference Paper: Identifying volatile data from multiple memory dumps in live forensics
| Title | Identifying volatile data from multiple memory dumps in live forensics |
|---|---|
| Authors | |
| Keywords | Live Forensics Memory Analysis Volatile Data |
| Issue Date | 2010 |
| Citation | Ifip Advances In Information And Communication Technology, 2010, v. 337 AICT, p. 185-194 How to Cite? |
| Abstract | One of the core components of live forensics is to collect and analyze volatile memory data. Since the dynamic analysis of memory is not possible, most live forensic approaches focus on analyzing a single snapshot of a memory dump. Analyzing a single memory dump raises questions about evidence reliability; consequently, a natural extension is to study data from multiple memory dumps. Also important is the need to differentiate static data from dynamic data in the memory dumps; this enables investigators to link evidence based on memory structures and to determine if the evidence is found in a consistent area or a dynamic memory buffer, providing greater confidence in the reliability of the evidence. This paper proposes an indexing data structure for analyzing pages from multiple memory dumps in order to identify static and dynamic pages. © 2010 International Federation for Information Processing. |
| Persistent Identifier | http://hdl.handle.net/10722/151988 |
| ISSN | 2023 SCImago Journal Rankings: 0.242 |
| References |
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Law, F | en_US |
| dc.contributor.author | Chan, P | en_US |
| dc.contributor.author | Yiu, SM | en_US |
| dc.contributor.author | Tang, B | en_US |
| dc.contributor.author | Lai, P | en_US |
| dc.contributor.author | Chow, KP | en_US |
| dc.contributor.author | Ieong, R | en_US |
| dc.contributor.author | Kwan, M | en_US |
| dc.contributor.author | Hon, WK | en_US |
| dc.contributor.author | Hui, L | en_US |
| dc.date.accessioned | 2012-06-26T06:32:10Z | - |
| dc.date.available | 2012-06-26T06:32:10Z | - |
| dc.date.issued | 2010 | en_US |
| dc.identifier.citation | Ifip Advances In Information And Communication Technology, 2010, v. 337 AICT, p. 185-194 | en_US |
| dc.identifier.issn | 1868-4238 | en_US |
| dc.identifier.uri | http://hdl.handle.net/10722/151988 | - |
| dc.description.abstract | One of the core components of live forensics is to collect and analyze volatile memory data. Since the dynamic analysis of memory is not possible, most live forensic approaches focus on analyzing a single snapshot of a memory dump. Analyzing a single memory dump raises questions about evidence reliability; consequently, a natural extension is to study data from multiple memory dumps. Also important is the need to differentiate static data from dynamic data in the memory dumps; this enables investigators to link evidence based on memory structures and to determine if the evidence is found in a consistent area or a dynamic memory buffer, providing greater confidence in the reliability of the evidence. This paper proposes an indexing data structure for analyzing pages from multiple memory dumps in order to identify static and dynamic pages. © 2010 International Federation for Information Processing. | en_US |
| dc.language | eng | en_US |
| dc.relation.ispartof | IFIP Advances in Information and Communication Technology | en_US |
| dc.subject | Live Forensics | en_US |
| dc.subject | Memory Analysis | en_US |
| dc.subject | Volatile Data | en_US |
| dc.title | Identifying volatile data from multiple memory dumps in live forensics | en_US |
| dc.type | Conference_Paper | en_US |
| dc.identifier.email | Yiu, SM:smyiu@cs.hku.hk | en_US |
| dc.identifier.email | Chow, KP:chow@cs.hku.hk | en_US |
| dc.identifier.email | Hui, L:hui@cs.hku.hk | en_US |
| dc.identifier.authority | Yiu, SM=rp00207 | en_US |
| dc.identifier.authority | Chow, KP=rp00111 | en_US |
| dc.identifier.authority | Hui, L=rp00120 | en_US |
| dc.description.nature | link_to_subscribed_fulltext | en_US |
| dc.identifier.doi | 10.1007/978-3-642-15506-2_13 | en_US |
| dc.identifier.scopus | eid_2-s2.0-78651108753 | en_US |
| dc.relation.references | http://www.scopus.com/mlt/select.url?eid=2-s2.0-78651108753&selection=ref&src=s&origin=recordpage | en_US |
| dc.identifier.volume | 337 AICT | en_US |
| dc.identifier.spage | 185 | en_US |
| dc.identifier.epage | 194 | en_US |
| dc.identifier.scopusauthorid | Law, F=19640490000 | en_US |
| dc.identifier.scopusauthorid | Chan, P=52563246100 | en_US |
| dc.identifier.scopusauthorid | Yiu, SM=7003282240 | en_US |
| dc.identifier.scopusauthorid | Tang, B=36844721900 | en_US |
| dc.identifier.scopusauthorid | Lai, P=19640260600 | en_US |
| dc.identifier.scopusauthorid | Chow, KP=7202180751 | en_US |
| dc.identifier.scopusauthorid | Ieong, R=22734240200 | en_US |
| dc.identifier.scopusauthorid | Kwan, M=19640239200 | en_US |
| dc.identifier.scopusauthorid | Hon, WK=7004282818 | en_US |
| dc.identifier.scopusauthorid | Hui, L=8905728300 | en_US |
| dc.identifier.issnl | 1868-4238 | - |