File(s) under permanent embargo
Measure of integrity leakage in live forensic context
conference contribution
posted on 2008-01-01, 00:00 authored by Lei PanLei Pan, A Savoldi, P Gubian, Lynn BattenLynn BattenWhen a live digital forensic investigation is performed, a measure of integrity leakage related to the collection phase should be mandatory, by stating clearly the grade of blurredness of the acquired data object, such as the RAM memory. Current software approaches, which are often used for data acquisition, have not been able to quantify the dependency of the integrity leakage of factors observed from the host machine, which include the CPU usage, the size of the memory RAM and pagefile, and the execution priority of the acquisition tool. This paper analyzes the factors which affect preponderantly the integrity of the memory being collected from a live computer system. By applying fuzzy measures, we establish an integrity leakage function. © 2008 IEEE.
History
Event
Intelligent Information Hiding and Multimedia Signal Processing. International Conference (4th : 2008 : Harbin, China)Series
Intelligent Information Hiding and Multimedia Signal Processing International ConferencePagination
534 - 537Publisher
IEEE Computer SocietyLocation
Harbin, ChinaPlace of publication
Los Alamitos, Calif.Publisher DOI
Start date
2008-08-15End date
2008-08-17ISBN-13
9780769532783ISBN-10
0769532780Language
engPublication classification
E Conference publication; E1.1 Full written paper - refereedCopyright notice
2008, IEEEEditor/Contributor(s)
J PanTitle of proceedings
IIH-MSP 2008 : Proceedings of the Intelligent Information Hiding and Multimedia Signal Processing 2008 international conferenceUsage metrics
Categories
No categories selectedKeywords
Licence
Exports
RefWorks
BibTeX
Ref. manager
Endnote
DataCite
NLM
DC