[PDF][PDF] Comparison of acquisition software for digital forensics purposes
MN Faiz, WA Prabowo - Kinet. Game Technol. Inf. Syst. Comput …, 2018 - academia.edu
Kinet. Game Technol. Inf. Syst. Comput. Netw. Comput. Electron. Control, 2018•academia.edu
Digital Forensics, a term that is increasingly popular with internet needs and increasing
cybercrime activity. Cybercrime is a criminal activity with digital media as a tool for
committing crimes. The process for uncovering cybercrime is called digital forensics. The
initial stage in digital forensics is an acquisition. The acquisition phase is very important
because it will affect the level of difficulty and ease in investigating cybercrime. Software
acquisition will affect the abandoned artefacts and even overwrite important evidence by the …
cybercrime activity. Cybercrime is a criminal activity with digital media as a tool for
committing crimes. The process for uncovering cybercrime is called digital forensics. The
initial stage in digital forensics is an acquisition. The acquisition phase is very important
because it will affect the level of difficulty and ease in investigating cybercrime. Software
acquisition will affect the abandoned artefacts and even overwrite important evidence by the …
Abstract
Digital Forensics, a term that is increasingly popular with internet needs and increasing cybercrime activity. Cybercrime is a criminal activity with digital media as a tool for committing crimes. The process for uncovering cybercrime is called digital forensics. The initial stage in digital forensics is an acquisition. The acquisition phase is very important because it will affect the level of difficulty and ease in investigating cybercrime. Software acquisition will affect the abandoned artefacts and even overwrite important evidence by the software, therefore investigators must use the best software for the acquisition stage. This study shows the difference in software for the acquisition of the best Random-Access Memory (RAM) such as processing time, memory usage, registry key, DLL. This research presents five acquisition software such as FTK Imager, Belkasoft RAM Capturer, Memoryze, DumpIt, Magnet RAM Capturer. Results of this study showed that FTK Imager left about 10 times more artefacts than DumpIt and Memoryze. Magnet RAM Capture the most artefacts, 4 times more than Belkasot RAM Capturer. Software acquisition with many artefacts, namely Capture RAM Magnet and FTK Imager, while for the fastest time is DumpIt and Capture RAM Magnet for software that takes a long time.
academia.edu
以上显示的是最相近的搜索结果。 查看全部搜索结果