2008 Third International Workshop on Systematic Approaches to Digital Forensic Engineering 2008
DOI: 10.1109/sadfe.2008.21

Abstract: The aim of this paper is to demonstrate the usefulness of the pagefile in a live forensic context. The forensic science is striving to find new methodologies to analyze the massive quantity of data normally present in a medium-sized workstation, which can have up to several terabytes of storage devices. As a result, the live forensic approach seems to be the only one which can guarantee promptness in obtaining evidential data to be used in the investigative process. The current approach of volatile forensic an…

“…In [3], the authors alert on the countermeasure tools to deal with rootkits, so many countermeasure tools available, for application level rootkits the examiner use CD one of trusted tool to counter the change. In [4], the authors paying attention on taking out memory page file, because the page file have data which directly related to the RAM dump. In [5], the authors propose a model for digital analysis by contravention it into different stages such as collecting evidence, examining it, and then generate a report.…”
Section: Related Work (mentioning)
“…Savold and Gubian [4] focus on extracting memory page file. The live analysis approach guarantees analyzing data more quickly.…”
Section: Literature Review (mentioning)
“…Due to rapid increase in memory size, the forensic investigators strongly recommend the live response approach for acquisition of volatile evidence [4]. Through this technique the investigator can collect not only the information about live processes but also about the terminated and cache processes.…”
Section: Introduction (mentioning)
“…Live forensics tools in cloud computing environment have also been presented to collect volatile forensic data [6,38]. To overcome the data acquisition problems in cloud, Dykstra et al recommended a cloud management scheme for the IaaS model [9].…”
Section: Related Work (mentioning)