A new forensic model and its application to the collection, extraction and long term storage of screen content off a memory dump

Authors:
Stefan Kiltz;Tobias Hoppe;Jana Dittmann
Affiliations:
; ;
Venue:
DSP'09 Proceedings of the 16th international conference on Digital Signal Processing
Year:
2009

Citing 3
Cited 0

Using Cryptographic and Watermarking Algorithms

IEEE MultiMedia
Digital Evidence and Computer Crime

Digital Evidence and Computer Crime
Long-Term Preservation of Digital Documents: Principles and Practices

Long-Term Preservation of Digital Documents: Principles and Practices

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we show how to extract graphics content within a memory dump of a Windows-based system. This includes the assurance of integrity and authenticity of evidence gathered this way using cryptographic mechanisms. We introduce a forensic data model and investigate different forensic analysis steps within a phase-oriented manner to classify potential forensic methods. Furthermore we discuss approaches for long term preservation for the forensic data aquired from the memory dumps to ensure authenticity and integrity.