Abstract
As almost 90% of malware is resident in memory, live memory forensics is an essential part of cybersecurity. Live memory forensics refers to the process of analyzing computer RAM or volatile memory (which is lost after rebooting) while the computer is running. This article provides depth on live memory forensics, which is key in the detection and analysis of cyber threats and forensics investigations. Case studies and actual events demonstrate how this method can detect unauthorized access and discover hidden malware, which will help law enforcement investigators. The practical uses of Live Memory Forensics are illustrated using real world examples. Currently, live memory forensics are faced with the temporal nature of volatile data, other technical challenges, the instantiation of indirect data related to data privacy, and evidence handling problems. The paper emphasizes the importance of moral attitude and careful handling of data to keep the forensic process incorrupt. Investigators and cybersecurity professionals should now have a good understanding of live memory forensics and how to utilize live memory forensics to enhance security across borders, not just as a detective technique.
Published Version
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
More From: International Journal for Electronic Crime Investigation
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.