FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W153361566> ?p ?o ?g. }

• W153361566 abstract "With the ubiquitous application of IT in different industries, digital forensic has become an essential element in IT security for discovering and mitigating the root causes of IT incidents. In this context, forensics memory analysis has recently gained great attention in cyber forensics community. However, most of the proposals in this area have focused on the extraction of important kernel data structures such as executive objects from the memory. This thesis discusses techniques for forensic analysis of Windows physical memory. The state of the art on digital forensic with focus on memory forensic is elaborated in this thesis. Additionally the thesis introduces new techniques for Windows memory forensics. The techniques that are elaborated in this thesis are classified into two categories; physical memory parsing, and execution history analysis. The first category introduces different in-memory structures of Windows operating system that are of forensic value during a digital investigation. The second category proposes an approach to analyze the stack memory of process threads to reveal partial execution histories of processes. The result of applying this technique enables the investigator to discover what actions performed by processes at the time of the incident. An algorithm was developed for this purpose that produces all the possible execution history paths. At the end, the introduced techniques are evaluated and empirical results are provided." @default.
• W153361566 created "2016-06-24" @default.
• W153361566 creator A5047950075 @default.
• W153361566 date "2008-01-01" @default.
• W153361566 modified "2023-09-27" @default.
• W153361566 title "Forensic analysis of WIndows physical memory" @default.
• W153361566 hasPublicationYear "2008" @default.
• W153361566 type Work @default.
• W153361566 sameAs 153361566 @default.
• W153361566 citedByCount "1" @default.
• W153361566 crossrefType "dissertation" @default.
• W153361566 hasAuthorship W153361566A5047950075 @default.
• W153361566 hasConcept C111919701 @default.
• W153361566 hasConcept C151730666 @default.
• W153361566 hasConcept C2779343474 @default.
• W153361566 hasConcept C2781357168 @default.
• W153361566 hasConcept C38652104 @default.
• W153361566 hasConcept C41008148 @default.
• W153361566 hasConcept C50747538 @default.
• W153361566 hasConcept C556601545 @default.
• W153361566 hasConcept C84418412 @default.
• W153361566 hasConcept C86803240 @default.
• W153361566 hasConcept C98045186 @default.
• W153361566 hasConceptScore W153361566C111919701 @default.
• W153361566 hasConceptScore W153361566C151730666 @default.
• W153361566 hasConceptScore W153361566C2779343474 @default.
• W153361566 hasConceptScore W153361566C2781357168 @default.
• W153361566 hasConceptScore W153361566C38652104 @default.
• W153361566 hasConceptScore W153361566C41008148 @default.
• W153361566 hasConceptScore W153361566C50747538 @default.
• W153361566 hasConceptScore W153361566C556601545 @default.
• W153361566 hasConceptScore W153361566C84418412 @default.
• W153361566 hasConceptScore W153361566C86803240 @default.
• W153361566 hasConceptScore W153361566C98045186 @default.
• W153361566 hasLocation W1533615661 @default.
• W153361566 hasOpenAccess W153361566 @default.
• W153361566 hasPrimaryLocation W1533615661 @default.
• W153361566 hasRelatedWork W1485838250 @default.
• W153361566 hasRelatedWork W195713503 @default.
• W153361566 hasRelatedWork W2003744325 @default.
• W153361566 hasRelatedWork W2061005119 @default.
• W153361566 hasRelatedWork W2061745606 @default.
• W153361566 hasRelatedWork W2068661019 @default.
• W153361566 hasRelatedWork W2123068145 @default.
• W153361566 hasRelatedWork W2307789772 @default.
• W153361566 hasRelatedWork W2375204672 @default.
• W153361566 hasRelatedWork W2379913564 @default.
• W153361566 hasRelatedWork W2469994378 @default.
• W153361566 hasRelatedWork W2475018646 @default.
• W153361566 hasRelatedWork W2485980299 @default.
• W153361566 hasRelatedWork W2533232930 @default.
• W153361566 hasRelatedWork W270389940 @default.
• W153361566 hasRelatedWork W2783242968 @default.
• W153361566 hasRelatedWork W2889664417 @default.
• W153361566 hasRelatedWork W3019883827 @default.
• W153361566 hasRelatedWork W3022415642 @default.
• W153361566 hasRelatedWork W2185928657 @default.
• W153361566 isParatext "false" @default.
• W153361566 isRetracted "false" @default.
• W153361566 magId "153361566" @default.
• W153361566 workType "dissertation" @default.