On the Identification of Information Extracted from Windows Physical Memory

Olajide, F. and Savage, N. 2012. On the Identification of Information Extracted from Windows Physical Memory. International Journal for Information Security Research (IJISR). 2 (3), pp. 164-168. https://doi.org/10.20533/ijisr.2042.4639.2012.0020

TitleOn the Identification of Information Extracted from Windows Physical Memory
TypeJournal article
AuthorsOlajide, F. and Savage, N.
Abstract

Forensic investigation of the physical memory of computer systems is gaining the attention of experts in the digital forensics community. Forensic investigators find it helpful to seize and capture data from the physical memory and perform post-incident analysis when identifying potential evidence. However, there have been few investigations which have identified the quantity and quality of information that can be recovered from only the computer system memory (RAM) while the application is still running. In this paper, we present the results of investigations carried out to identify relevant information that has been extracted from the physical memory of computer systems running Windows XP. We found fragments of partial evidence from allocated memory segments. This evidence was dispersed in the physical memory that had been allocated to the application. The identification of this information is useful to forensic investigators as this approach can uncover what a user is doing on the application which can be used as evidence.

JournalInternational Journal for Information Security Research (IJISR)
Journal citation2 (3), pp. 164-168
Year2012
PublisherInfonomics Society
Publisher's version
License
CC BY 4.0
File Access Level
Open (open metadata and files)
Digital Object Identifier (DOI)https://doi.org/10.20533/ijisr.2042.4639.2012.0020
Publication dates
PublishedSep 2012

Related outputs

Security and Privacy Issues in IoT Healthcare Application for Disabled Users in Developing Economies
Assa-Agyei, K., Olajide, F. and Lotfi, A. 2022. Security and Privacy Issues in IoT Healthcare Application for Disabled Users in Developing Economies. Journal of Internet Technology and Secured Transactions (JITST). 10 (1), pp. 770-779. https://doi.org/10.20533/jitst.2046.3723.2022.0095

Towards the Design of an Intelligent Automation Framework for Business Processes
Olajide, F. 2022. Towards the Design of an Intelligent Automation Framework for Business Processes. The 5th International Conference on Information and Computer Technologies (ICICT 2022). New York City, The United States 04 - 06 Mar 2022 IEEE . https://doi.org/10.1109/ICICT55905.2022.00010

A Cost-benefit Analysis of Information Security Mitigation Methods for ORVIs
Street, J. and Olajide, F. 2021. A Cost-benefit Analysis of Information Security Mitigation Methods for ORVIs. Journal of Internet Technology and Secured Transactions (JITST). 9 (1), pp. 747-755. https://doi.org/10.20533/jitst.2046.3723.2021.0092

Using Hyperledger Fabric Blockchain to Maintain the Integrity of Digital Evidence in a Containerised Cloud Ecosystem
Awuson-David, K., Al-Hadhrami, T., Olajide, F. and Lotfi, A. 2020. Using Hyperledger Fabric Blockchain to Maintain the Integrity of Digital Evidence in a Containerised Cloud Ecosystem. 4th International Conference of Reliable Information and Communication Technology 2019 (IRICT 2019). Johor, Malaysia 22 - 23 Sep 2019 Springer. https://doi.org/10.1007/978-3-030-33582-3_79

A technological approach towards the measurement of enterprise agility
Williams, O C. and Olajide, F. 2020. A technological approach towards the measurement of enterprise agility. 15th Iberian Conference on Information Systems and Technologies (CISTI). Seville, Spain 24 - 27 Jun 2020 IEEE . https://doi.org/10.23919/CISTI49556.2020.9141142

Sensor Network in Automated Hand Hygiene Systems Using IoT for Public Building
Olajide, F. 2020. Sensor Network in Automated Hand Hygiene Systems Using IoT for Public Building. 4th International Conference of Reliable Information and Communication Technology 2019 (IRICT 2019). Johor, Malaysia 22 - 23 Sep 2019 Springer. pp. 463–476 https://doi.org/10.1007/978-3-030-33582-3_44

Exploring process of information systems and information technology for enterprise agility
Williams, O., Olajide, F., Al-Hadhrami, T. and Lotfi, A. 2019. Exploring process of information systems and information technology for enterprise agility. 4th International Conference of Reliable Information and Communication Technology 2019 (IRICT 2019). Johor, Malaysia 22 - 23 Sep 2019 Springer. https://doi.org/10.1007/978-3-030-33582-3_98

Forensic Use Case Analysis of User Input in Windows Application
Olajide, F., Al-hadrami, T. and James-Taylor, A. 2018. Forensic Use Case Analysis of User Input in Windows Application. 3rd International Conference of Reliable Information and Communication Technology (IRICT 2018). Kuala Lumpur, Malaysia 23 - 24 Jul 2018 Springer. https://doi.org/10.1007/978-3-319-99007-1_58

Digital Investigation and Forensic User Analysis
Olajide, F., Al-Hadrami, T. and James-Taylor, A. 2018. Digital Investigation and Forensic User Analysis. 3rd International Conference of Reliable Information and Communication Technology (IRICT 2018). Kuala Lumpur, Malaysia 23 - 24 Jul 2018 Springer. https://doi.org/10.1007/978-3-319-99007-1_59

Power aware routing algorithms (PARA) in wireless mesh networks for emergency management
Olajide, F. 2018. Power aware routing algorithms (PARA) in wireless mesh networks for emergency management. PLoS ONE. 13 (10). https://doi.org/10.1371/journal.pone.0204751

Framework Design for Implementation of Secured TPM on E-commerce
Kennedy, C.G., Cho, D., Olajide, F. and John, S. 2017. Framework Design for Implementation of Secured TPM on E-commerce. 12th International Conference on Cyber Warfare and Security ICCWS 2017. Wright State University with the Air Force Institute of Technology, Dayton, USA ACPI.

Network forensics tools in a mixed-network environment and the adoption of e-voting system in developing countries
Olajide, F. 2016. Network forensics tools in a mixed-network environment and the adoption of e-voting system in developing countries. International Journal of Pharmacy and Technology. 8 (4), pp. 23115-23128.

On the investigation of social network analysis for E-commerce transaction in south-west region of Nigeria
Olajide, F., Adeshakin, K., Misra, S. and Ayo, C.K. 2016. On the investigation of social network analysis for E-commerce transaction in south-west region of Nigeria. International Journal of Pharmacy & Technology. 8 (4).

Towards the investigation of using social network analysis for counter terrorism in West Africa: case study of Boko Haram in Nigeria
Olajide, F. and Adeshakin, K. 2016. Towards the investigation of using social network analysis for counter terrorism in West Africa: case study of Boko Haram in Nigeria. Journal of Engineering Science and Technology. 11 (11), pp. 1629 - 1638.

Developing a state of the art methodology & toolkit for ICS SCADA forensics
Olajide, F. 2016. Developing a state of the art methodology & toolkit for ICS SCADA forensics. International Journal of Industrial Control Systems Security. 1 (2), pp. 44-56. https://doi.org/10.20533/ijicss.9781.9083.20346.2016.0005

Realtime fraud detection in the banking sector using data mining techniques/algorithm
Olajide, F. 2016. Realtime fraud detection in the banking sector using data mining techniques/algorithm. 2016 International Conference on Computational Science and Computational Intelligence (CSCI). Las Vegas, NV 15 - 16 Dec 2016 IEEE . https://doi.org/10.1109/CSCI.2016.0224

Sequences of numbers obtained by digit and iterative digit sums of Sophie Germain primes and its variants
Olajide, F. 2016. Sequences of numbers obtained by digit and iterative digit sums of Sophie Germain primes and its variants. Global Journal of Pure and Applied Mathematics. 12 (2), pp. 1473-1480.

Implementation of the enhanced fingerprint authentication in the ATM system using ATmega128
Olajide, F. 2016. Implementation of the enhanced fingerprint authentication in the ATM system using ATmega128. International Conference on Security and Management (SAM). Las Vegas, USA 25 - 28 Jul 2016 The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp).

Forensic Live Response: Why an Object May be Evidence in the Court of Law?
Olajide, F. 2015. Forensic Live Response: Why an Object May be Evidence in the Court of Law? International Conference on Cyberspace Governance: The Imperative for National and Economic Security (CyberAbuja2015). Abuja 04 - 07 Nov 2015 IEEE .

On some suggested applications of sudoku in information systems security
Olajide, F. 2015. On some suggested applications of sudoku in information systems security. Asian Journal of Information Technology. 14 (4), pp. 117 - 121. https://doi.org/10.36478/ajit.2015.117.121

FALI: Time Memory Information of Windows Computer Systems
Olajide, F. 2013. FALI: Time Memory Information of Windows Computer Systems. International Journal of Intelligent Computing Research. 4 (4).

On the Analysis of Information Found on Windows Application Memory
Olajide, F., Savage, N., Akmayeva, G. and Shoniregun, C.A. 2013. On the Analysis of Information Found on Windows Application Memory. International Journal of Intelligent Computing Research. 4 (2). https://doi.org/10.20533/ijicr.2042.4655.2013.0042

Extracting Forensically Relevant Information From Windows Applications
Olajide, F., Savage, N., Akmayeva, G. and Shoniregun, C. 2012. Extracting Forensically Relevant Information From Windows Applications. 2012 International Conference on Information Society (i-Society). London, United Kingdom 25 - 28 Jun 2018 IEEE .

Extracting forensically relevant information from windows application
Olajide, F., Savage, N., Akmayeva, G. and Shoniregun, C. 2012. Extracting forensically relevant information from windows application. International Conference on Information Society. London, UK 27 - 29 Jun 2011 IEEE .

Forensic memory evidence of windows application
Olajide, F., Savage, N., Akmayeva, G. and Trafford, R. 2012. Forensic memory evidence of windows application. 2012 International Conference for Internet Technology and Secured Transactions. London, UK 10 - 12 Dec 2012 IEEE .

Digital forensic research—The analysis of user input on volatile memory of Windows application
Olajide, F., Savage, N., Akmayeva, G. and Shoniregun, C. 2012. Digital forensic research—The analysis of user input on volatile memory of Windows application. World Congress on Internet Security (WorldCIS-2012). Guelph, ON, Canada 10 - 12 Jun 2012 IEEE .

Digital Forensic Research and Method of Extracting Relevant Information From Physical Memory Of Windows Systems
Olajide, F. 2011. Digital Forensic Research and Method of Extracting Relevant Information From Physical Memory Of Windows Systems. Fourth International Conference on Internet Technologies and Applications (ITA 11). Glyndwr University, North Wales, UK 06 - 09 Sep 2011

Dispersal of time aspect of information stored on physical memory
Olajide, F. and Savage, N. 2011. Dispersal of time aspect of information stored on physical memory. Cyberforensics 2011 - International conference on cybercrime, security and digital forensics. Glasgow, UK 27 - 28 Jun 2018

Extraction of user information by pattern matching techniques in windows physical memory
Olajide, F. and Savage, N. 2011. Extraction of user information by pattern matching techniques in windows physical memory. Digital Enterprise and Information Systems International Conference, DEIS 2011. London, UK 20 - 22 Jul 2011 Springer. https://doi.org/10.1007/978-3-642-22603-8_40

Forensic extraction of user information in continuous block of evidence
Olajide, F. 2011. Forensic extraction of user information in continuous block of evidence. International Conference on Information Society. London, UK 27 - 29 Jun 2011 IEEE . https://doi.org/10.1109/i-Society18435.2011.5978501

On the extraction of forensically relevant information from physical memory
Olajide, F. 2011. On the extraction of forensically relevant information from physical memory. 2011 World Congress on Internet Security. London, UK 21 - 23 Feb 2011 IEEE . https://doi.org/10.1109/WorldCIS17046.2011.5749861

A Study of Application Level Information From The Volatile Memory of Windows Computer Systems
Olajide, F. 2011. A Study of Application Level Information From The Volatile Memory of Windows Computer Systems. PhD thesis University of Portsmouth

Application Level Evidence and Event Reconstruction
Olajide, F. 2010. Application Level Evidence and Event Reconstruction. Journal of Computing in Systems & Engineering. 10, pp. 171-175.

Application level evidence from volatile memory
Olajide, F. and Savage, N. 2009. Application level evidence from volatile memory. Journal of Computing in Systems and Engineering. 10, pp. 171-175.

Forensic live response and event reconstruction methods in Linux systems
Olajide, F. 2009. Forensic live response and event reconstruction methods in Linux systems. 10th Annual PostGraduate Symposium on The Convergence of Telecommunications, Networking and Broadcasting. 10th Annual PostGraduate Symposium on The Convergence of Telecommunications, Networking and Broadcasting

Permalink - https://westminsterresearch.westminster.ac.uk/item/w4v37/on-the-identification-of-information-extracted-from-windows-physical-memory


Share this

Usage statistics

19 total views
9 total downloads
These values cover views and downloads from WestminsterResearch and are for the period from September 2nd 2018, when this repository was created.