Digital forensics random access memory using live technique based on network attacked

Periyadi, Giva Andriana Mutiara, Roni Wijaya
DOI: 10.1109/ICOICT.2017.8074695 (https://doi.org/10.1109/ICOICT.2017.8074695)
Published in: 2017 5th International Conference on Information and Communication Technology (ICoICT)
Publication date: 2017-05-17

Abstract

Information and communication technologies are developing rapidly, and the security of the data they process and store must be raised accordingly. One data security technique is digital forensics: an investigative technique to identify or collect information on digital storage as legally defensible evidence to expose crimes. In this research, however, we use a live digital forensics technique. Investigations using live forensics require special handling because the volatile data in Random Access Memory (RAM) can be lost if the system is switched off during the investigation. The investigation is conducted by the investigator dumping the memory of the system that has been attacked and then transferring the dump file to the investigator's system. We investigate the data inside the RAM and analyze the accuracy using several cyber attacks: session hijacking, FTP attack, and illegal access. The results show that all the attacks can be investigated and produce evidence that is authentic, reliable, and defensible.