Digital evidence collection process in integrity and memory information gathering

Seokhee Lee, Hyunsang Kim, Sangjin Lee, Jongin Lim

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

15 Citations (Scopus)

Abstract

In this paper, we inspect the general digital evidence collection process according to the RFC3227 document[1], and establish specific steps for guaranteeing the integrity of digital evidence and for memory information collection. EnCase™[4], which was used globally, has a weakness in that the MDC value of digital evidence can be modified; hence we propose an MDC public system, a MAC system and a public authentication system with PKI as countermeasures, and we explain the details of each system. In addition, we add a memory dump process to the existing digital evidence collection process, and examine privacy information by dumping a real user's memory and collecting the pagefile, which is part of the virtual memory system.

Original language: English
Title of host publication: Proceedings - First International Workshop on Systematic Approaches to Digital Forensic Engineering
Pages: 236-247
Number of pages: 12
Publication status: Published - 2005
Event: Proceedings - First International Workshop on Systematic Approaches to Digital Forensic Engineering - Taipei, Taiwan, Province of China
Duration: 2005 Nov 7 to 2005 Nov 9

Publication series

Name: Proceedings - First International Workshop on Systematic Approaches to Digital Forensic Engineering
Volume: 2005

Other

Other: Proceedings - First International Workshop on Systematic Approaches to Digital Forensic Engineering
Country/Territory: Taiwan, Province of China
City: Taipei
Period: 05/11/7 to 05/11/9

ASJC Scopus subject areas

  • Engineering(all)
