By Topic

Digital forensic research — The analysis of user input on volatile memory of Windows application

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Olajide, F. ; Sch. of Eng., Univ. of Portsmouth, Portsmouth, UK ; Savage, N. ; Akmayeva, G. ; Shoniregun, C.

This paper presents digital forensics analysis of user input on volatile memory of Windows applications. Identification of user input activities on Windows applications has become vital in forensic digital investigation. The extraction of user input information from physical memory may reveal useful information that could be used as evidence in crime cases; the information that may not be found on traditional hard disk forensic investigations. Digital forensic community feels the urge for the development of tools and techniques in volatile memory analysis. However, there have been few investigations into the amount of information that can be recovered from the application memory. This research reports the amount of evidence stored over time in Windows physical memory including, the quantitative and qualitative results of the experiments carried out on some commonly used Windows applications.

Published in:

Internet Security (WorldCIS), 2012 World Congress on

Date of Conference:

10-12 June 2012