Title :
Digital forensic research — The analysis of user input on volatile memory of Windows application
Author :
Olajide, Funminiyi ; Savage, Nick ; Akmayeva, Galyna ; Shoniregun, Charles
Author_Institution :
Sch. of Eng., Univ. of Portsmouth, Portsmouth, UK
Abstract :
This paper presents digital forensics analysis of user input on volatile memory of Windows applications. Identification of user input activities on Windows applications has become vital in forensic digital investigation. The extraction of user input information from physical memory may reveal useful information that could be used as evidence in crime cases; the information that may not be found on traditional hard disk forensic investigations. Digital forensic community feels the urge for the development of tools and techniques in volatile memory analysis. However, there have been few investigations into the amount of information that can be recovered from the application memory. This research reports the amount of evidence stored over time in Windows physical memory including, the quantitative and qualitative results of the experiments carried out on some commonly used Windows applications.
Keywords :
computer forensics; operating systems (computers); Windows application; Windows physical memory; digital forensic community; digital forensic research; forensic digital investigation; hard disk forensic investigations; user input analysis; volatile memory; Computers; Data mining; Electronic mail; Forensics; Internet; Memory management; Random access memory; Digital; Windows; analysis; applications; forensic; memory; physical; user;
Conference_Titel :
Internet Security (WorldCIS), 2012 World Congress on
Conference_Location :
Guelph, ON
Print_ISBN :
978-1-4673-1108-3
