Forensic research on volatile data is now a major area of interest. In the early days we simply pulled the plug, but today capturing volatile data can be very valuable. This project explores RAM to collect residual data in the CPU. Although the processes in RAM show what is currently running, a process hidden by the user is not displayed. The objective is to show how to find the path to a hidden process by implementing DKOM (Direct Kernel Object Manipulation).
Keywords – forensic, volatility, hidden process.
Wednesday, January 11, 2012
Final Project : An Abstract