HYBRID AND HOLISTIC APPROACHES FOR TRACKING AND ANALYSIS OF COMPUTER MEMORY

Abstract

This research focused on the Computer Forensic with the aim to capture as much as possible the objects from the computer memory (RAM) image. In the past. the Digital Forensic Analyst only stressed on the analysis of the non-volatile drive such as hard drive. USB thumb drive and CD. Although these devices provide the platform to find the evidence in the computer equipment. it provides limited information especially in cases where the computer is being used for criminal purposes. Moreover. the past works on the computer memory only applied for mal ware analysis such as study on its behavior and capturing the virus signature. Nevertheless. with the improvement and advancement in computer technology and the introduction of Cloud Computing. computer memory has become the principal focus in obtaining the information since all the data is stored there before being processed by the CPU