Digital evidence collection process in integrity and memory information gathering
SADFE '05 Proceedings of the First International Workshop on Systematic Approaches to Digital Forensic Engineering on Systematic Approaches to Digital Forensic Engineering
Automated recognition of event scenarios for digital forensics
Proceedings of the 2006 ACM symposium on Applied computing
A preliminary design for digital forensics analysis of terabyte size data sets
Proceedings of the 2007 ACM symposium on Applied computing
Conducting forensic investigations of cyber attacks on automobile in-vehicle networks
Proceedings of the 1st international conference on Forensic applications and techniques in telecommunications, information, and multimedia and workshop
A proposal for an integrated memory acquisition mechanism
ACM SIGOPS Operating Systems Review
Acquiring volatile operating system data tools and techniques
ACM SIGOPS Operating Systems Review
Proposal for Efficient Searching and Presentation in Digital Forensics
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Proceedings of the 10th annual conference companion on Genetic and evolutionary computation
Two-Dimensional Evidence Reliability Amplification Process Model for Digital Forensics
WDFIA '08 Proceedings of the 2008 Third International Annual Workshop on Digital Forensics and Incident Analysis
Guide to Computer Forensics and Investigations
Guide to Computer Forensics and Investigations
Imagined communities: awareness, information sharing, and privacy on the facebook
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
Using every part of the buffalo in Windows memory analysis
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Hi-index | 0.00 |
The essence of this paper is to illustrate live data acquisition within the random access memory of a notebook trying to utilize the collected digital evidences in order to partially reconstruct previous Gmail session, which could be probative digital evidence in a court of law. The proposed framework is essentially crucial for the investigation of certain related cybercrimes on the basis of the digital breadcrumb trails being professionally disclosed and appropriately handled. Without loss of generality, the volatile data would vanish forever when the power of the computing devices is no longer sustainable. This research pinpoints the imminent threat of IT savvy cyber criminals and the corresponding counter procedures used to crack criminal cases if web-based e-mail utilities are essentially involved. This paper is focused on the prevalent e-mail utility, Gmail, as the research subject. At last, live digital evidence acquisition must be accurately fulfilled before the seizure of the computing devices in the crime scene to avoid irreversible investigation procedures which mean the digital evidences could be deleted, resulting in the loss of probative evidence. Copyright © 2012 John Wiley & Sons, Ltd.