by Eliézer Pereira
The purpose of this article is to show how to perform a forensic analysis of RAM, presenting some examples of information that can be retrieved and analyzed to help identify indications of security incidents, as well as fraud and other illegal practices carried out through information systems.
2 Good Practices and Techniques for Computer Forensic Analysis
2.1 NIST 800-86
The National Institute of Standards and Technology (NIST) is known worldwide for publishing detailed and comprehensive technology standards.
Document 800-86, Guide to Integrating Forensic Techniques into Incident Response, makes a number of recommendations for conducting forensic analysis of security incidents, from data collection to the preparation of a final report.