Abstract
I would like to explain a method how to get important data from a volatile data securely, when we are not available to use network in computer system by incident. The main idea is that the first investigator who collects a volatile data by applying scripts built in USB media should be in crime scene at the time. In according to volatile data, he generates hash value, and gets witness signature. After that, he analyses the volatile data with authentication in forensics system.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
RFC 3227 Guidelines for Evidence Collection and Archiving (2002)
scene of the cybercrime computer forensics handbook, Debra Littlejohn Shinder Ed tittel
Warren, G., Kruse II, J., Heiser, G.: COMPUTER FORENSICS: Incident response Essentials. Addison Wesley, Reading (2001)
Mandia, K., prosise, C., Pepe, M.: Incident response and computer forensics, 2nd edn.
Park, Y.-S., Oh, S.-M., Choi, Y.-R.: Design of Digital Evidence Collection Model for Integrated Forensics. In: KIAS2005 Conference, vol. 11 (2005)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kim, YH., Lee, D.H., Kim, K.J. (2007). A Stable Evidence Collection Procedure of a Volatile Data in Research. In: Gervasi, O., Gavrilova, M.L. (eds) Computational Science and Its Applications – ICCSA 2007. ICCSA 2007. Lecture Notes in Computer Science, vol 4706. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74477-1_18
Download citation
DOI: https://doi.org/10.1007/978-3-540-74477-1_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74475-7
Online ISBN: 978-3-540-74477-1
eBook Packages: Computer ScienceComputer Science (R0)