Title :
A new forensic model and its application to the collection, extraction and long term storage of screen content off a memory dump
Author :
Kiltz, Stefan ; Hoppe, Tobias ; Dittmann, Jana
Abstract :
In this paper we show how to extract graphics content within a memory dump of a windows-based system. This includes the assurance of integrity and authenticity of evidence gathered this way using cryptographic mechanisms. We introduce a forensic data model and investigate different forensic analysis steps within a phase-oriented manner to classify potential forensic methods. Furthermore we discuss approaches for long term preservation for the forensic data acquired from the memory dumps to ensure authenticity and integrity.
Keywords :
cryptography; feature extraction; message authentication; video signal processing; cryptographic mechanism; forensic data model; graphics content extraction; image-video processing; memory dump; phase-oriented manner; windows-based system; Brain modeling; Data analysis; Forensics; Gaussian noise; Image reconstruction; Magnetic resonance imaging; Rician channels; Sensor phenomena and characterization; Signal to noise ratio; Testing; Image/Video Processing Techniques; Information Forensics and Security;
Conference_Titel :
Digital Signal Processing, 2009 16th International Conference on
Conference_Location :
Santorini-Hellas
Print_ISBN :
978-1-4244-3297-4
Electronic_ISBN :
978-1-4244-3298-1
DOI :
10.1109/ICDSP.2009.5201189
