DocumentCode :
2205733
Title :
A Model of Computer Live Forensics Based on Physical Memory Analysis
Author :
Wang, Lianhai ; Zhang, Ruichao ; Zhang, Shuhui
Author_Institution :
Shandong Comput. Sci. Center, Jinan, China
fYear :
2009
fDate :
26-28 Dec. 2009
Firstpage :
4647
Lastpage :
4649
Abstract :
This paper provides a look at some of the shortcomings of current approaches to live forensics. On this basis, a model of computer live forensics based on physical memory analysis is proposed. The model can be used to effectively address many of the challenges facing the conventional live forensics. Then taking the credibility of digital evidence as a starting point, the issue of credibility of live forensic is then put forward for study. Finally, methods of credibility calculation are given through probabilistic and statistical computing. This work may help to improve the scientific credibility of the digital evidence acquired by live forensic in current practice.
Keywords :
computer forensics; statistical analysis; computer live forensics; digital evidence; physical memory analysis; probabilistic computing; statistical computing; Computer crime; Computer hacking; Computer science; Digital forensics; Humans; Image analysis; Information analysis; Information science; Kernel; Physics computing;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Information Science and Engineering (ICISE), 2009 1st International Conference on
Conference_Location :
Nanjing
Print_ISBN :
978-1-4244-4909-5
Type :
conf
DOI :
10.1109/ICISE.2009.69
Filename :
5454440
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2205733
بازگشت