Memory-Based antiforensic tools and techniques

Computer forensics is the discipline that deals with the acquisition, investigation, preservation, and presentation
of digital evidence in the court of law. Whereas antiforensics is the terminology used to describe
malicious activities deployed to delete, alter, or hide digital evidence with the main objective of manipulating,
destroying, and preventing the creation of evidence. Various antiforensic methodologies and tools can be
used to interfere with digital evidence and computer forensic tools. However, memory-based antiforensic
techniques are of particular interest because of their effectiveness, advanced manipulation of digital evidence,
and attack on computer forensic tools. These techniques are mainly performed in volatile memory using
advanced data alteration and hiding techniques. For these reasons memory-based antiforensic techniques
are considered to be unbeatable. This article aims to present some of the current antiforensic approaches
and in particular reports on memory-based antiforensic tools and techniques.

Citation:
Jahankhani, H.; Beqiri, E. (2008) ‘Memory-Based antiforensic tools and techniques’ International Journal of Information Security and Privacy, 2 (2) pp.1-13.