Network connections information extraction of 64-bit windows 7 memory images

Abstract

Memory analysis is a key element of live computer forensics. Obtaining the status information of network connections is one of the difficulties of memory analysis, and it plays an important role in identifying attack sources. It is more difficult to find the drivers and get network connection information from a 64-bit Windows 7 memory image file than from a 32-bit operating system memory image file. In this paper, we describe the approaches to find drivers and get network connection information from Windows 7 memory images. This method is reliable and efficient. It is verified on Windows version 6.1.7600. © 2011 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering.

Cite

Wang, L., Xu, L., & Zhang, S. (2011). Network connections information extraction of 64-bit windows 7 memory images. In Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering (Vol. 56, pp. 90–98). https://doi.org/10.1007/978-3-642-23602-0_8
