منابع مشابه
Live Memory Forensics of Mobile Phones
In this paper, we proposed an automated system to perform a live memory forensic analysis for mobile phones. We investigated the dynamic behavior of the mobile phone’s volatile memory, and the analysis is useful in real-time evidence acquisition analysis of communication based applications. Different communication scenarios with varying parameters were investigated. Our experimental results sho...
متن کاملForensics Analysis On Smart Phones Using Mobile Forensics Tools
The role of mobile devices (cell phones and smart phones) becomes an integral part of everyone’s life, which also leads to criminal activities like hacking, Smishing, SMS spoofing etc. Digital evidence in mobile phone has attempted to delete the data by criminal. Information from mobile phones is useful for investigators to learn about user information. In this paper, a novel method is performi...
متن کاملMemory Forensics for QQ from a Live System
Our paper details the techniques to collect sensitive information of the QQ client, which is the most popular instant messaging (IM) in China. We have managed to acquire the contact list, the QQ account, the chats records, the QQ discussion group, the display names and the contents of network notepad. They are of great interest to the examiners. Besides, as the techniques we use to search for p...
متن کاملIdentifying Volatile Data from Multiple Memory Dumps in Live Forensics
One of the core components of live forensics is to collect and analyze volatile memory data. Since the dynamic analysis of memory is not possible, most live forensic approaches focus on analyzing a single snapshot of a memory dump. Analyzing a single memory dump raises questions about evidence reliability; consequently, a natural extension is to study data from multiple memory dumps. Also impor...
متن کاملUncertainty in Live Forensics
The goal of live digital forensics is to collect crucial evidence that cannot be acquired under the well-known paradigm of post-mortem analysis. Volatile information in computer memory is ephemeral by definition and can be altered as a consequence of the live forensic approach. Every running tool on an investigated system leaves artifacts and changes the system state. This paper focuses on the ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Digital Investigation
سال: 2010
ISSN: 1742-2876
DOI: 10.1016/j.diin.2010.05.010