Volatile Memory Investigation

344 Words1 Page
bulb-icon

Recommended: Digital evidence importance

Abstract-
This research done to estimate the performance of different tools that acquire, analyze and recover the evidences of crime from volatile memory. Volatile memory stays for a very short period and that is why it is always tough to analyze such memory. It contains much valuable and confidential information such as passwords, usernames, running processes, etc. Acquiring, analyzing and recovering are the three major steps for memory forensics. All the tools investigated are not entirely fitted for a particular situation hence; the investigation needs to rely on many tools that can retrieve useful information from the evidences. It is important to know the usefulness of a tool before it is applied to solve a crime. Although most of the …show more content…

To control the effects of such crimes digital forensics has gained popularity in recent years. In today’s world, the dependency on computers is growing widely. Government agencies and private companies are attempting to protect themselves from cyber attacks with digital defence techniques like encryption, firewalls and heuristic or signature scanning, etc. Meanwhile, the number of attacks that include sensitive military data canters, targeting power grids and stealing trade secrets from both private and public organizations continues to increase. the detection, response and reporting of these kinds of intrusions as well as other incidents involving computer systems, are critical for cyber security professionals Just like that, if the data taken from the organizations encrypted across the network, to determine which sensitive files were stolen and that won’t be recognized by traditional packet capture techniques. However, passwords and encrypted keys can often be recovered by memory forensics, or even the file’s plain-text contents before they were encrypted, providing information to understand the scope of an

Show More
Related

  • Flashbulb Memories: Special Mechanism

    736 Words  | 2 Pages

    What do events like the assassination of John F. Kennedy, The Challenger space shuttle disaster, and hurricane Andrew that shook Miami have in common? All these events can be remembered by the people who experienced it due to flashbulb memory. Flashbulb memories were defined by R. Brown and J. Kulik (1977) as vivid, detailed, and long-lasting memories for attributes of the reception context of public news (Curci, A., & Lanciano, T., 2009). The people who experience such huge events are certain that their flashbulb memories are very accurate and can give in detail what occurred to them in those events (Schwartz, 2013). Furthermore events that generate flashbulb memories are usually very surprising and emotionally arousing and are perceived by the subject as personally consequential (Emotion & Memory 1993). But not all memories need to be negative and tragic. Events like the first day of first grade, your first romantic kiss, your first day at a new job, or recital of your wedding vows can also be described as flashbulb memories (Schwartz, 2013).

    Read More

  • The Impossible Knife Of Memory Analysis

    591 Words  | 2 Pages

    In the final chapter of The Impossible Knife of Memory, the main character of the book, Hayley begins it off talking about being in a fairytale. If this was her fairytale, this chapter would be her happily ever after. Before this chapter of the book, her life had been disorganized frequently because of her father’s disorder. Her father, Andy Kincain, a war veteran, has PTSD. Also known as Post Traumatic Stress Disorder; this disorder is caused by seeing or experiencing a very intense, and terrifying event. In Andy’s case, the war was what caused his condition.

    Read More

  • A Flashbulb Memory

    520 Words  | 2 Pages

    Have you ever experienced an event that was so significant to you that you felt as if your memory was taking a photograph, keeping the memory implanted in your brain for the rest of your life? This is a prime example of flashbulb memory. Flashbulb memory is a term that pertains to a person’s memory of hearing about extremely shocking events (Goldstein, 2011, p. 209). Flashbulb memory is not the memory for the event itself, but it’s the memory of how the person heard about the specific event (Goldstein, 2011, p. 209). This means that a flashbulb memory includes where you were and what you were doing when you found out about a tragic event (Goldstein, 2011, p. 209). Some key attributes of flashbulb memories are that they are both remembered for long periods of time and are exceedingly vivid (Goldstein, 2011, p. 209). A great way to describe flashbulb memories is to compare them to a photo that never fades, proving how relevant these memories are to those who have them (Goldstein, 2011, p. 209).

    Read More

  • SITSA Attack Summary

    613 Words  | 2 Pages

    O`Mara (2016) notes that forensic assessment of network damage can also function as a form of post-event data that can reveal the extent of the attack perpetrated. This element coupled with subsequent analyses of the network after the event can also help inform assessments of the attack`s broader effects. Identifying the perpetrators signature can also help profile the attackers and determine if these events were coordinated or isolated, and if the same attackers have been implicated in similar events recently. Law enforcement agencies can also sometimes provide information that can help identify a specific attacker. This approach can also help identify if the attacks were singular in nature or connected to other events. These subsequent analyses can, collectively, help frame and identify an attacker`s motives, which can also help organizational IT analysts understand the reasons for why the attack

    Read More

  • P Vs. NP: The Controversy

    1468 Words  | 3 Pages

    Today’s businesses and organizations need privacy. They need to keep their employee’s information, trade secrets, financial records, and many other sensitive documents that cannot be shown to the public. To do this, these organizations use encryption. Encryption is using an irreversible program to turn a file into gibberish. To translate the gibberish back to the original contents of the file, you must use a decryption program and provide a password. This is so the program can decrypt the file correctly. This encryption is what prevents cybercriminals who happen to get a hold of any files from looking at file contents. To the cybercriminal, encrypted files are completely useless unless he can figure out how it was encrypted. In order to decrypt the file, the cybercriminal must first find a series of steps that can decrypt the file over and over again: an algorithm.

    Read More

  • Cloud Forensics

    750 Words  | 2 Pages

    Since there is no ultimate perfect computer crime, storage is the major reason why digital forensics hatched in the first place as data or trail would be left behind after any attack or intrusion. When hardware access to the machine is determined, one knows exactly where the data is located however, when using a cloud service, the data could be anywhere, even in different states, countries, or even continents. Even if the attacker is practically next door, the data’s residence is still nowhere near which mean that data cannot be retrieved or that easily. This presents forensic analysts with another in a series of dead ends.

    Read More

  • The Department Of Homeland Security And Cyber-Crime

    583 Words  | 2 Pages

    Cyber-crime is defined by the Department of Homeland Security as the production and distribution of child pornography and child exploitation conspiracies, banking and financial fraud, and intellectual property violations. Personally, cyber-attacks on national institutions would be a greater threat to the nation than those committed on individuals. Corporate security breaches, spear phishing, and social media fraud are all current threats that occur several times daily across the country and world. The Department of Homeland Security works with other federal agencies to conduct high-impact criminal investigations. These investigations are used to disrupt and defeat cyber criminals. Firstly understanding what cyber-attacks on national institutions

    Read More

  • Computer Forensic Tools

    895 Words  | 2 Pages

    In conclusion, computer crimes have increased in the recent past because of the proliferation of these devices due to technological advancements. This has in turn contributed to the emergence of computer forensics, which involves the use of various processes and tools to gather evidence that is admissible in a court. There are various types of computer forensic tools or programs with different features, costs, and areas of effectiveness. Similarly, there are various computer experts for various computer crime scenarios. Since these experts are only suitable for varying computer crime scenarios, the hourly costs of hiring them differ based on the specific details of the case.

    Read More

  • Digital Evidence and Computer Crime

    1732 Words  | 4 Pages

    These three different systems all provide different types of information that may be useful to digital investigators. For example, an open system stores data on the hard drive. The data stored can be anything from web searches to incriminating pictures. Communication systems can tell whom a suspect has been in contact with leading up to the crime. Embedded systems can show ...

    Read More

  • HIPAA, CIA, and Safeguards

    1633 Words  | 4 Pages

    On 5 October 2009, computer equipment from a network data closet was stolen from BCBST. The items stolen were 57 unencrypted hard drives which contained over 300,000 video recording and over one million audio recordings. According to Whitman & Mattord (2010), confidentiality, integrity, and availability makes up the C.I.A triangle which is the basis of Committee on National Security model for information security, an industrial standard, (Whitman & Mattord, 2010). Confidentiality can be a synonym for encryption but also means only the people with the correct permission can access the information. One of the major security issue is the hard drives were not encrypted. The hard drives should be encrypted to prevent people from reading the information the computer. Software can be purchased which will encrypt files on hard drive with such as Folder Lock, SensiGuard, Secure IT, and more. There are open source encrypting software which are free for use which could have been used. If the hard drives were not needed, the data should hav...

    Read More

  • Data Acquisition

    1744 Words  | 4 Pages

    Live acquisition: The future of data acquisitions is shifting toward live acquisitions because of the use of disk encryption with newer operating systems (OSs). In addition to encryption concerns, collecting any data that’s active in a suspect’s computer RAM is becoming more important to digital investigations. The processes and data integrity requirements for static and live acquisitions are the same. The only shortcoming with live acquisitions is not being able to perform repeatable processes, which are critical for collecting digital evidence.

    Read More

  • What Is Digital Forensics And Digital Evidence?

    1557 Words  | 4 Pages

    What did they do ? Before we talk about it any further, we have to know some definitions that we use in digital forensics and digital evidence, not only two of them but the others too. This chapter will explain about it . Before we talk about it any further, we have to know the definition of what we are talking about. In the introduction we already know what digital forensic and digital evidence shortly are. In this chapter, we will more explore what they are, and some state that we found when we search about digital forensic and digital evidence. Computer forensics is a broad field and applied to the handling of crimes related to information technology. The goal of computer forensic is to securing and analyzing digital

    Read More

  • Exploring Virtual Memory

    1713 Words  | 4 Pages

    Virtual memory is an old concept. Before computers utilized cache, they used virtual memory. Initially, virtual memory was introduced not only to extend primary memory, but also to make such an extension as easy as possible for programmers to use. Memory management is a complex interrelationship between processor hardware and operating system software. For virtual memory to work, a system needs to employ some sort of paging or segmentation scheme, or a combination of the two. Nearly all implementations of virtual memory divide a virtual address space into pages, which are blocks of contiguous virtual memory addresses. On the other hand, some systems use segmentation instead of paging. Segmentation divides virtual address spaces into variable-length segments. Segmentation and paging can be used together by dividing each segment into pages.

    Read More

  • Cryptography

    823 Words  | 2 Pages

    Cryptography is an interesting field in the world of computer security. This has been boosted by the increase in computer attacks emanating from the Internet. With large and confidential data being transferred over the Internet, its security must be addressed. It is because of this that encryption techniques are continually evolving. With computer hackers being IT experts who are hungry to get at personal data on the Internet, IT security experts have also made sure that they come up with products to combat and stay ahead of the hackers.

    Read More

  • Cybercrime Essay

    2700 Words  | 6 Pages

    Computer crime or Cyber Crime is defined as any type of crime that involves or regards a computer or computer network. Cyber Crime mainly means that the computer may be used as a tool in the commission of the crime or the computer may be the main target of the criminal’s crime. The rapid growth of technology and gadgets as well as the further de...

    Read More

More about Volatile Memory Investigation

Open Document