Deakin University
Browse

File(s) under permanent embargo

Measure of integrity leakage in live forensic context

conference contribution
posted on 2008-01-01, 00:00 authored by Lei PanLei Pan, A Savoldi, P Gubian, Lynn BattenLynn Batten
When a live digital forensic investigation is performed, a measure of integrity leakage related to the collection phase should be mandatory, by stating clearly the grade of blurredness of the acquired data object, such as the RAM memory. Current software approaches, which are often used for data acquisition, have not been able to quantify the dependency of the integrity leakage of factors observed from the host machine, which include the CPU usage, the size of the memory RAM and pagefile, and the execution priority of the acquisition tool. This paper analyzes the factors which affect preponderantly the integrity of the memory being collected from a live computer system. By applying fuzzy measures, we establish an integrity leakage function. © 2008 IEEE.

History

Pagination

534-537

Location

Harbin, China

Start date

2008-08-15

End date

2008-08-17

ISBN-13

9780769532783

ISBN-10

0769532780

Language

eng

Publication classification

E Conference publication, E1.1 Full written paper - refereed

Copyright notice

2008, IEEE

Editor/Contributor(s)

Pan J

Title of proceedings

IIH-MSP 2008 : Proceedings of the Intelligent Information Hiding and Multimedia Signal Processing 2008 international conference

Event

Intelligent Information Hiding and Multimedia Signal Processing. International Conference (4th : 2008 : Harbin, China)

Publisher

IEEE Computer Society

Place of publication

Los Alamitos, Calif.

Series

Intelligent Information Hiding and Multimedia Signal Processing International Conference