TY - GEN
T1 - Password recovery using an evidence collection tool and countermeasures
AU - Lee, Seokhee
AU - Savoldi, Antonio
AU - Lee, Sangjin
AU - Lim, Jongin
PY - 2007
Y1 - 2007
N2 - In this paper we propose a methodology used to analyse collected pagefiles belonging to public computers using a pagefile collection tool (PCT), which is suitable to be used in a live forensics context. After that, we investigated how to gather sensitive information such as passwords and usernames, which we found in half of the analysed pagefiles. Undoubtedly, this fact can be used by a forensics practitioner to solve the investigation faster, by using such information in order to acquire useful information about a crime. However, if such a forensic pagefile collection tool were used as a hacking tool, it could cause leakage of privacy information. To be more precise, it allows easy gathering of critical information such as passwords and credit card numbers. Accordingly, in order to solve this problem, we have proposed a programming methodology to prevent the "swap-out" of sensitive information from main memory to the pagefile. Finally, we also proposed a system model to perform the encryption of pagefile memory in order to improve the security of a computer system.
AB - In this paper we propose a methodology used to analyse collected pagefiles belonging to public computers using a pagefile collection tool (PCT), which is suitable to be used in a live forensics context. After that, we investigated how to gather sensitive information such as passwords and usernames, which we found in half of the analysed pagefiles. Undoubtedly, this fact can be used by a forensics practitioner to solve the investigation faster, by using such information in order to acquire useful information about a crime. However, if such a forensic pagefile collection tool were used as a hacking tool, it could cause leakage of privacy information. To be more precise, it allows easy gathering of critical information such as passwords and credit card numbers. Accordingly, in order to solve this problem, we have proposed a programming methodology to prevent the "swap-out" of sensitive information from main memory to the pagefile. Finally, we also proposed a system model to perform the encryption of pagefile memory in order to improve the security of a computer system.
UR - http://www.scopus.com/inward/record.url?scp=47349110877&partnerID=8YFLogxK
U2 - 10.1109/IIH-MSP.2007.238
DO - 10.1109/IIH-MSP.2007.238
M3 - Conference contribution
AN - SCOPUS:47349110877
SN - 0769529941
SN - 9780769529943
T3 - Proceedings - 3rd International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIHMSP 2007.
SP - 97
EP - 102
BT - Proceedings - 3rd International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIHMSP 2007.
T2 - 3rd International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIHMSP 2007
Y2 - 26 November 2007 through 28 November 2007
ER -