Risks of live digital forensic analysis

Author: Brian D. Carrier

DOI: 10.1145/1113034.1113069

Keywords: Data science, Forensic science, Digital forensics, Computer forensics, Computer science, General Computer Science

Abstract: Live analysis tools have made a significant difference in capturing evidence during forensic investigations. Such tools, however, are far from infallible.

References (8)
Brian Carrier, File system forensic analysis (2005)
William A. Arbaugh, Timothy Fraser, Nick L. Petroni, Jesus Molina, Copilot - a coprocessor-based kernel runtime integrity monitor, USENIX Security Symposium, pp. 13-13 (2004)
Chris Prosise, Kevin Mandia, Incident Response: Investigating Computer Crime (2001)
Greg Hoglund, Jamie Butler, Rootkits: Subverting the Windows Kernel (2005)
Ed Skoudis, Lenny Zeltser, Malware: Fighting Malicious Code (2003)
Yi-Min Wang, D. Beck, Binh Vo, R. Roussev, C. Verbowski, Detecting stealth software with Strider GhostBuster, Dependable Systems and Networks, pp. 368-377 (2005), 10.1109/DSN.2005.39
Brian D. Carrier, Joe Grand, A hardware-based memory acquisition procedure for digital investigations, Digital Investigation, vol. 1, pp. 50-60 (2004), 10.1016/J.DIIN.2003.12.001
Ken Thompson, Reflections on trusting trust, Communications of the ACM, vol. 27, pp. 761-763 (1984), 10.1145/358198.358210