Research Article

Volatile Memory Forensics: A Legal Perspective

by Harnoor Kaur Mann, Gurpal Singh Chhabra
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 155 - Number 3
Year of Publication: 2016
DOI: 10.5120/ijca2016912276

Harnoor Kaur Mann, Gurpal Singh Chhabra . Volatile Memory Forensics: A Legal Perspective. International Journal of Computer Applications. 155, 3 ( Dec 2016), 11-15. DOI=10.5120/ijca2016912276

@article{ 10.5120/ijca2016912276,
author = { Harnoor Kaur Mann, Gurpal Singh Chhabra },
title = { Volatile Memory Forensics: A Legal Perspective },
journal = { International Journal of Computer Applications },
issue_date = { Dec 2016 },
volume = { 155 },
number = { 3 },
month = { Dec },
year = { 2016 },
issn = { 0975-8887 },
pages = { 11-15 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume155/number3/26584-2016912276/ },
doi = { 10.5120/ijca2016912276 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
Abstract

In today’s world of fast-changing technology, where everything is governed directly or indirectly by the Internet, the nature of crime has changed dramatically over the past few years. Today, one can commit a crime with the click of a button on a laptop or computer and enjoy the garb of anonymity and impunity to a great extent. In such a scenario, it has become imperative to throw some light on the emerging issue of tackling cybercrime in the 21st century. This paper describes the extraction and analysis of volatile data available in the RAM of a running computer on Windows operating systems, and shows the utility of RAM in computer forensics, which is often neglected when a crime scene with a running system is encountered. Given this necessity, it is essential to consider the issues of digital evidence and its collection, preservation, and admissibility in a court of law.

Index Terms

Computer Science
Information Sciences

Keywords

Read Only Memory (ROM), Acquisition, Seizing, Verifying, Imaging, Random Access Memory (RAM), Integrity, Authenticity, Address Resolution Protocol (ARP), Man-In-The-Middle Attack