943 Hits in 4.5 sec

Browsers' Private Mode: Is It What We Were Promised?

Kris Hughes, Pavlos Papadopoulos, Nikolaos Pitropakis, Adrian Smales, Jawad Ahmad, William J. Buchanan
2021 Computers  
However, in volatile memory analysis, a majority of artefacts within the test cases were retrieved.  ...  Our study investigates the usage of private mode and browsing artefacts within four prevalent web browsers and is focused on analyzing both hard disk and random access memory.  ...  Their analysis environment consisted of using virtualisation as their platform, which hosted a Windows 7 guest operating system (OS).  ... 
doi:10.3390/computers10120165 fatcat:4hwew5bonfdqvft3jksbmlx2nm

Volatile memory forensics for the Robot Operating System [article]

Víctor Mayoral Vilches, Laura Alzola Kirschgens, Endika Gil-Uriarte, Alejandro Hernández, Bernhard Dieber
2018 arXiv   pre-print
This article discusses volatile memory forensics for the Robot Operating System (ROS).  ...  and aimed to extract evidence from robot's volatile memory.  ...  forensic techniques for volatile memory is held for different operating systems.  ... 
arXiv:1812.09492v1 fatcat:bxiww3tgobewtibb2d45heo2yq

The Evolution of Volatile Memory Forensics

Hannah Nyholm, Kristine Monteith, Seth Lyles, Micaela Gallegos, Mark DeSantis, John Donaldson, Claire Taylor
2022 Journal of Cybersecurity and Privacy  
The collection and analysis of volatile memory is a vibrant area of research in the cybersecurity community.  ...  It contains fragments of encrypted files' contents, as well as lists of running processes, imported modules, and network connections, all of which are difficult or impossible to extract from the file system  ...  Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/jcp2030028 fatcat:w64rxe3icfelvbrs2r2rs7lokm

Trends in Virtualized User Environments

Diane Barrett
2008 Journal of Digital Forensics, Security and Law  
Running operating systems and applications this way leaves very little trace on the host system.  ...  This paper will explore all the newest methods for virtualized environments and the implications they have on the world of forensics.  ...  The Volatility Framework 1.1.1 is a collection of tools, for the extraction of digital artifacts from volatile memory (RAM) images.  ... 
doi:10.15394/jdfsl.2008.1038 fatcat:s3wvf4dohjfhfc3w72n542r6sm

A new model for forensic data extraction from encrypted mobile devices

Aya Fukami, Radina Stoykova, Zeno Geradts
2021 Forensic Science International: Digital Investigation  
However, as mobile devices become essential tools for daily life, security and privacy concerns grow, and modern smartphone vendors have implemented multiple types of security protection measures -such  ...  We demonstrate that in order to overcome encryption challenges, new mobile forensic methods rely on bypassing the security features and exploiting system vulnerabilities.  ...  Level 4: Chip-off Chip-off requires physical removal of the non-volatile memory chip from the target mobile device.  ... 
doi:10.1016/j.fsidi.2021.301169 fatcat:oai5gawb6fe63cxmfpj3ub6d6e

Privacy Preserving Internet Browsers: Forensic Analysis of Browzar [article]

Christopher Warren, Eman El-Sheikh, Nhien-An Le-Khac
2017 arXiv   pre-print
However, there are very few research on evaluating of private browsing in terms of privacy preserving as well as forensic acquisition and analysis of privacy preserving internet browsers.  ...  Next, we describe the forensic acquisition and analysis of Browzar, a privacy preserving internet browser and compare it with other popular internet browsers  ...  The information captured in the memory of a system is considered volatile information -which is information that is lost once the host system is powered off.  ... 
arXiv:1710.09598v1 fatcat:sbf4ivmwdnf7hf7pziqqmrh3si

Treasure and tragedy in kmem_cache mining for live forensics investigation

Andrew Case, Lodovico Marziale, Cris Neckar, Golden G. Richard
2010 Digital Investigation. The International Journal of Digital Forensics and Incident Response  
Previously executed processes, memory mappings, sent and received network packets, NAT translations, accessed file system inodes, and more can all be recovered through examination of the kmem_cache contents  ...  This paper presents the first deep investigation of the kmem_cache facility in Linux from a forensics perspective.  ...  Privacy implications/fixes Besides recovery and analysis, digital forensics is also concerned with the privacy implications of using computer systems.  ... 
doi:10.1016/j.diin.2010.05.006 fatcat:oknwlpgzxrb67pufobvbwqdqdy

Data-in-use leakages from Android memory — Test and analysis

Pasquale Stirparo, Igor Nai Fovino, Ioannis Kounelis
2013 2013 IEEE 9th International Conference on Wireless and Mobile Computing, Networking and Communications (WiMob)  
This paper present the second phase of the MobiLeak project, analysing how mobile applications manage users data when these are loaded in the volatile memory of the device.  ...  Scope of this work is to raise the awareness of the research and development communities on the poor attention that is generally paid in the secure development of mobile applications.  ...  ACKNOWLEDGMENT The authors would like to thank Andrew Case, Michael Hale Ligh and the Volatility community for their support and assistance in the testing of the Volatility Framework with their new born  ... 
doi:10.1109/wimob.2013.6673433 dblp:conf/wimob/StirparoFK13 fatcat:6csge3ek4fcrfkwwbe4ujmhs6i

Dialing Up and Drilling Down: Forensic Preservation of Handheld Devices

Dana Lesemann, Heather Mahalik
2008 Social Science Research Network  
Forensic Preservation of Handheld Devices Dialing Up and Drilling Down Types of data on handheld devices Memory Memory can either be volatile or non-volatile.  ...  number of operating systems, most of which they encounter on a regular basis.  ... 
doi:10.2139/ssrn.1672568 fatcat:l5n5e6zfp5dhrcdthsaccioqwe

Residue-Free Computing

Logan Arkema, Micah Sherr
2021 Proceedings on Privacy Enhancing Technologies  
, thus frustrating the forensic process and enabling more privacy-preserving computing.  ...  Computer applications often leave traces or residues that enable forensic examiners to gain a detailed understanding of the actions a user performed on a computer.  ...  This work is partially funded by the National Science Foundation under grant CNS-1718498 and the Callahan Family Professor of Computer Science Chair Fund.  ... 
doi:10.2478/popets-2021-0076 fatcat:frerntyv7rh55ksshptgv2syhi

A forensic examination of web browser privacy-modes

Graeme Horsman, Ben Findlay, Josh Edwick, Alisha Asquith, Katherine Swannell, Dean Fisher, Alexander Grieves, Jack Guthrie, Dylan Stobbs, Peter McKain
2019 Forensic Science International: Reports  
Private browsing facilities are part of many mainstream Internet browsing applications and arguably, there is now more awareness of their function and purpose by the average Internet user.  ...  Our test methodology is documented and results and limitations described for the purpose of open, transparent scrutiny and evaluation from those operating in this area.  ...  Furthermore, development of the operating system(s) in which PB are usable may lead to the passive capturing of PB data.  ... 
doi:10.1016/j.fsir.2019.100036 fatcat:yfdxcyovgvbhhnyf37r4lo4rpa

Active security

Ryan Hand, Michael Ton, Eric Keller
2013 Proceedings of the Twelfth ACM Workshop on Hot Topics in Networks - HotNets-XII  
Extractor to collect forensic evidence at run-time, and the Volatility parsing tool to extract an executable from physical memory and analyze information about the malware (which can then be used by the  ...  , (iv) collect forensic evidence on-demand, at run-time for attribution, and (v) counter the attack through more advanced mechanisms such as migrating malicious code to a quarantined system.  ...  image of volatile memory.  ... 
doi:10.1145/2535771.2535794 dblp:conf/hotnets/HandTK13 fatcat:5qrfzi2ecjee5eq4s36qqldwgy

IoT-Forensics Meets Privacy: Towards Cooperative Digital Investigations

2018 Sensors  
IoT-Forensics is a novel paradigm for the acquisition of electronic evidence whose operation is conditioned by the peculiarities of the Internet of Things (IoT) context.  ...  As a branch of computer forensics, this discipline respects the most basic forensic principles of preservation, traceability, documentation, and authorization.  ...  Author Contributions: The three authors have equally contributed to the development of this paper. Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/s18020492 pmid:29414864 pmcid:PMC5856102 fatcat:lh6m4vyof5hcrketj2ynu7utca

Forensic Analysis of Virtual Hard Drives

Patrick Tobin, Nhien-An Le-Khac, Tahar Kechadi
2017 Journal of Digital Forensics, Security and Law  
The issue of the volatility of virtual machines is perhaps the most pressing concern in any digital investigation.  ...  Current digital forensics tools do not fully address the complexities of data recovery that are posed by virtual hard drives.  ...  The Volatility Framework The Volatility Framework [14] is used in forensic memory analysis.  ... 
doi:10.15394/jdfsl.2017.1438 fatcat:bwzngoxi65g2bopp2ttkvounc4

IoT Forensics [chapter]

Sasa Mrdovic
2021 Security of Ubiquitous Computing Systems  
Key specifics of IoT forensics are explained. Issues that arise from IoT related challenges in all phases of a forensic investigation are presented.  ...  Some opportunities that IoT brings to forensics are pointed out. An example of an IoT forensics case is provided.  ...  Volatile, working memory, like RAM, can contain forensically interesting data.  ... 
doi:10.1007/978-3-030-10591-4_13 fatcat:jlzoh43sdjclvmwfcy22innzyi
« Previous Showing results 1 — 15 out of 943 results