Memory-Based antiforensic tools and techniques


Jahankhani, Hamid and Beqiri, Elidon 2008. Memory-Based antiforensic tools and techniques. International Journal of Information Security and Privacy. 2 (2), pp. 1-13.
AuthorsJahankhani, Hamid and Beqiri, Elidon

Computer forensics is the discipline that deals with the acquisition, investigation, preservation, and presentation
of digital evidence in the court of law. Whereas antiforensics is the terminology used to describe
malicious activities deployed to delete, alter, or hide digital evidence with the main objective of manipulating,
destroying, and preventing the creation of evidence. Various antiforensic methodologies and tools can be
used to interfere with digital evidence and computer forensic tools. However, memory-based antiforensic
techniques are of particular interest because of their effectiveness, advanced manipulation of digital evidence,
and attack on computer forensic tools. These techniques are mainly performed in volatile memory using
advanced data alteration and hiding techniques. For these reasons memory-based antiforensic techniques
are considered to be unbeatable. This article aims to present some of the current antiforensic approaches
and in particular reports on memory-based antiforensic tools and techniques.

Keywordsantiforensics; data hiding; live CD; memory-based antiforensics; wireless antiforensics
JournalInternational Journal of Information Security and Privacy
Journal citation2 (2), pp. 1-13
Accepted author manuscript
Web address (URL)
Publication dates
Publication process dates
Deposited04 Jan 2011
Additional information

Jahankhani, H.; Beqiri, E. (2008) ‘Memory-Based antiforensic tools and techniques’ International Journal of Information Security and Privacy, 2 (2) pp.1-13.

Permalink -

Download files

Accepted author manuscript
  • 124
    total views
  • 384
    total downloads
  • 2
    views this month
  • 2
    downloads this month

Export as