Live digital forensics presents unique challenges with respect to maintaining forensic soundness, but also offers the ability to examine information that is unavailable to quiescent analysis. Any perturbation of a live operating system by a forensic examiner will have far-reaching effects on the state of the system being analysed. Numerous approaches to live digital forensic evidence acquisition have been proposed in the literature, but relatively little attention has been paid to the problem of identifying how the effects of these approaches, and their improvements over other techniques, can be evaluated and quantified. In this paper, the authors present Pypette, a novel platform enabling the automated, repeatable analysis of live digital forensic acquisition techniques.