Disk memory forensics: Analysis of memory forensics frameworks flow

摘要

We have heard of Cyber Espionage where a spy was able to hide data and go unnoticed virtually. Using some forensics frameworks we can able to hide and retrieve data in any format both in Windows and Linux operating systems. Whatever the data are made to be hidden in the disk, some frameworks are very good at its carving technique which it analyze and give all the parts of the disk or any other memory devices. In this paper I have clearly explained how memory forensics frameworks analyze the memory of the hard disk drives. Some specific utilities are capable and designed specifically only for windows Operating system and at the same way some forensics frameworks are designed specifically for Linux based distributions. Here I have analyzed few frameworks that are currently good in conducting a digital forensic investigation. These frameworks are for a human resources internal investigation where unauthorized investigation into the server, or to select frameworks to conduct new investigation and these frameworks and suits will assist to conduct analysis of memory forensic, forensic analysis of hard drive, forensic imaging, forensic image exploration, forensic imaging and mobile forensics. Such that, they all designed in such a way that it has the features to bring back in whole depth analyzed report of its merits in its technique flow and about what's under the system hood.