Communications of the ACM
Live analysis tools have made a significant difference in capturing evidence during forensic investigations. Such tools, however, are far from infallible.