Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 1 of 1
Full-Text Articles in Entire DC Network
Analysis Of Forensic Artifacts In Database Memory Using Support Vector Machine, Mahfuzul I. Nissan
Analysis Of Forensic Artifacts In Database Memory Using Support Vector Machine, Mahfuzul I. Nissan
University of New Orleans Theses and Dissertations
Memory analysis allows forensic investigators to establish a more complete timeline of system activity using a snapshot of main memory (i.e., RAM). Investigators may rely on such analysis to detect malicious activity and understand the scope of what data was exfiltrated. This is of particular interest in the presence of incomplete or untrusted logs, where a privileged user (or an attacker with such capabilities) can altogether bypass or disable logging. In such instances, a forensic investigator can still rely on the fact that data must ultimately be processed in memory, regardless of the information that is recorded in audit logs. …