by W.Chirath De Alwis, School of Computing, Asia Pacific Institute of Information Technology, Colombo, Sri Lanka
Cyber security threats on sensitive resources have increased recently and it has increased the need for digital forensic analysis tools. Digital evidence can be extracted not only from hard drives but also from other memory resources of a computing device. Analyzing volatile memory is becoming popular due to increases in memory capacity. This research presents the importance of volatile memory analysis and identifies the limitations of conventional forensic methods. It also identifies the browser based information that is stored in the volatile memory and how this evidence can be retrieved for investigational purposes.