Uncertainty in Live Forensics - Advances in Digital Forensics VI
Conference Papers Year : 2010

Uncertainty in Live Forensics

Abstract

The goal of live digital forensics is to collect crucial evidence that cannot be acquired under the well-known paradigm of post-mortem analysis. Volatile information in computer memory is ephemeral by definition and can be altered as a consequence of the live forensic approach. Every running tool on an investigated system leaves artifacts and changes the system state. This paper focuses on the understanding and measurement of the uncertainty related to the important and emerging paradigm of live forensic investigations. It also presents some practical examples related to the evaluation of uncertainty.

Domains

Digital Libraries [cs.DL]
Fichier principal
Vignette du fichier
SavoldiGE10.pdf (1.18 Mo) Télécharger le fichier
Origin Files produced by the author(s)

Hal Ifip  : Connect in order to contact the contributor

https://inria.hal.science/hal-01060617

Submitted on : Monday, November 27, 2017-4:51:57 PM

Last modification on : Friday, April 5, 2024-2:38:02 PM

Download

Dates and versions

hal-01060617 , version 1 (27-11-2017)

Licence

Attribution

Identifiers

Cite

Antonio Savoldi, Paolo Gubian, Isao Echizen. Uncertainty in Live Forensics. 6th IFIP WG 11.9 International Conference on Digital Forensics (DF), Jan 2010, Hong Kong, China. pp.171-184, ⟨10.1007/978-3-642-15506-2_12⟩. ⟨hal-01060617⟩

Export

BibTeX XML-TEI Dublin Core DC Terms EndNote DataCite

Collections

IFIP-LNCS IFIP IFIP-AICT IFIP-AICT-337 IFIP-TC IFIP-WG IFIP-TC11 IFIP-DF IFIP-WG11-9
84 View
168 Download

Altmetric

Share

More