Volatile Memory Acquisition and Extracting of Data Using Volatility Framework and Web GUI Application
N Sai Vaibhav1, D Haritha2
1N Sai Vaibhav, M Tech Student, Department of CSE, Koneru Lakshmaiah Education Foundation, Guntur (A.P), India.
2Dr D Haritha, Associate Professor, Department of CSE, Koneru Lakshmaiah Education Foundation, Guntur (A.P), India
Manuscript received on 01 May 2019 | Revised Manuscript received on 15 May 2019 | Manuscript published on 30 May 2019 | PP: 1487-1489 | Volume-8 Issue-7, May 2019 | Retrieval Number: G6022058719/19©BEIESP
Open Access | Ethics and Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Volatile memory plays a major role in live memory investigation, for the analysis of volatile memory, most of the investigators use Volatility Framework. In this paper, we are going to present how to extract the RAM memory from the suspected systems also preserving it using data acquisition tools and a Web GUI application using Volatility Framework. It also displays the extracted data as tables in the web page. It creates an easy approach for the investigators to do analysis by extracting the information from the volatile memory and also exporting that information as SQLite tables.
Keyword: Digital Forensics; Volatile Memory; Non-Volatile; RAM Dump; Artifact; Acquisition.
Scope of the Article: Data Visualization.