Measure of integrity leakage in live forensic context
conference contribution
posted on 2008-01-01, 00:00 authored by Lei PanLei Pan, A Savoldi, P Gubian, Lynn BattenLynn BattenWhen a live digital forensic investigation is performed, a measure of integrity leakage related to the collection phase should be mandatory, by stating clearly the grade of blurredness of the acquired data object, such as the RAM memory. Current software approaches, which are often used for data acquisition, have not been able to quantify the dependency of the integrity leakage of factors observed from the host machine, which include the CPU usage, the size of the memory RAM and pagefile, and the execution priority of the acquisition tool. This paper analyzes the factors which affect preponderantly the integrity of the memory being collected from a live computer system. By applying fuzzy measures, we establish an integrity leakage function. © 2008 IEEE.
History
Pagination
534-537Location
Harbin, ChinaPublisher DOI
Start date
2008-08-15End date
2008-08-17ISBN-13
9780769532783ISBN-10
0769532780Language
engPublication classification
E Conference publication, E1.1 Full written paper - refereedCopyright notice
2008, IEEEEditor/Contributor(s)
Pan JTitle of proceedings
IIH-MSP 2008 : Proceedings of the Intelligent Information Hiding and Multimedia Signal Processing 2008 international conferenceEvent
Intelligent Information Hiding and Multimedia Signal Processing. International Conference (4th : 2008 : Harbin, China)Publisher
IEEE Computer SocietyPlace of publication
Los Alamitos, Calif.Series
Intelligent Information Hiding and Multimedia Signal Processing International ConferenceUsage metrics
Categories
No categories selectedKeywords
TechnologyComputer Science, Artificial IntelligenceComputer Science, Theory & MethodsEngineering, Electrical & ElectronicImaging Science & Photographic TechnologyTelecommunicationsComputer ScienceEngineeringMemory080108 Neural, Evolutionary and Fuzzy Computation970108 Expanding Knowledge in the Information and Computing SciencesSchool of Information Technology
Licence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC