Skip to Main content Skip to Navigation
Conference papers

Uncertainty in Live Forensics

Antonio Savoldi 1 Paolo Gubian 1 Isao Echizen 2
1 University of Brescia
2 NII - National Institute of Informatics
Abstract : The goal of live digital forensics is to collect crucial evidence that cannot be acquired under the well-known paradigm of post-mortem analysis. Volatile information in computer memory is ephemeral by definition and can be altered as a consequence of the live forensic approach. Every running tool on an investigated system leaves artifacts and changes the system state. This paper focuses on the understanding and measurement of the uncertainty related to the important and emerging paradigm of live forensic investigations. It also presents some practical examples related to the evaluation of uncertainty.
Keywords : Live forensics collection tools measurement of uncertainty
Document type :
Conference papers
Complete list of metadatas

Cited literature [11 references]  Display  Hide  Download
https://hal.inria.fr/hal-01060617
Contributor : Hal Ifip <>
Submitted on : Monday, November 27, 2017 - 4:51:57 PM
Last modification on : Thursday, March 5, 2020 - 4:46:43 PM

File

Vignette du document
SavoldiGE10.pdf
Files produced by the author(s)

Licence

Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Collections

IFIP-AICT-337 | IFIP-AICT | IFIP | IFIP-TC11 | IFIP-TC | IFIP-WG11-9 | IFIP-DF | IFIP-LNCS | IFIP-WG

Citation

Antonio Savoldi, Paolo Gubian, Isao Echizen. Uncertainty in Live Forensics. 6th IFIP WG 11.9 International Conference on Digital Forensics (DF), Jan 2010, Hong Kong, China. pp.171-184, ⟨10.1007/978-3-642-15506-2_12⟩. ⟨hal-01060617⟩

Export

BibTeX TEI DC DCterms EndNote

Share

Metrics

Record views

168

Files downloads

238