Digital evidence collection process in integrity and memory information gathering

S
SADFE
2005
First International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'05)
Abstract - Digital evidence collection process in integrity and memory information gathering

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Seokhee Lee Articles by Hyunsang Kim Articles by Sangjin Lee Articles by Jongin Lim

First International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'05)

Taipei, Taiwan

November 07-November 09

ISBN: 0-7695-2478-8

	ASCII Text	x
	Seokhee Lee, Hyunsang Kim, Sangjin Lee, Jongin Lim, "Digital evidence collection process in integrity and memory information gathering," Systematic Approaches to Digital Forensic Engineering, IEEE International Workshop on, pp. 236-247, First International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'05), 2005.

	BibTex	x
	@article{ 10.1109/SADFE.2005.9, author = {Seokhee Lee and Hyunsang Kim and Sangjin Lee and Jongin Lim}, title = {Digital evidence collection process in integrity and memory information gathering}, journal ={Systematic Approaches to Digital Forensic Engineering, IEEE International Workshop on}, volume = {0}, year = {2005}, isbn = {0-7695-2478-8}, pages = {236-247}, doi = {http://doi.ieeecomputersociety.org/10.1109/SADFE.2005.9}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Systematic Approaches to Digital Forensic Engineering, IEEE International Workshop on TI - Digital evidence collection process in integrity and memory information gathering SN - 0-7695-2478-8 SP236 EP247 A1 - Seokhee Lee, A1 - Hyunsang Kim, A1 - Sangjin Lee, A1 - Jongin Lim, PY - 2005 KW - null VL - 0 JA - Systematic Approaches to Digital Forensic Engineering, IEEE International Workshop on ER -

Seokhee Lee, Graduate School of Information Security in Korea University

Hyunsang Kim, Graduate School of Information Security in Korea University

Sangjin Lee, Graduate School of Information Security in Korea University

Jongin Lim, Graduate School of Information Security in Korea University

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SADFE.2005.9

In this paper, we inspect general digital evidence collection process which is according to RFC3227 document[1], and establish specific steps for guaranteeing integrity of digital evidence and memory information collection. EnCase[4] which was used globally has a weakness that MDC value of digital evidence can be modified, hence we propose MDC public system, MAC system and Public authentication system with PKI as a countermeasure. And we explain detail of each system. Besides, we include memory dump process to existing digital evidence collection process, and examine privacy information through dumping real user?s memory and collecting pagefile which is part of virtual memory system.

Citation:

Seokhee Lee, Hyunsang Kim, Sangjin Lee, Jongin Lim, "Digital evidence collection process in integrity and memory information gathering," sadfe, pp.236-247, First International Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE'05), 2005

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.