Journal on Communications ›› 2021, Vol. 42 ›› Issue (7): 117-127.doi: 10.11959/j.issn.1000-436x.2021143
• Papers • Previous Articles Next Articles
Binglong LI, Zhenyu ZHOU, Yu ZHANG, Heyu ZHANG, Chaowen CHANG
Revised:
2021-03-01
Online:
2021-07-25
Published:
2021-07-01
Supported by:
CLC Number:
Binglong LI, Zhenyu ZHOU, Yu ZHANG, Heyu ZHANG, Chaowen CHANG. Memory fragment file carving algorithm based on the reverse of the structure chain[J]. Journal on Communications, 2021, 42(7): 117-127.
"
文件 | doc/B | pdf/B | txt/B | jpg/B |
f0 | 24 064 | 51 618 | 32 | 14 717 |
f1 | 26 112 | 66 067 | 698 | 60 019 |
f2 | 26 624 | 86 311 | 747 | 97 788 |
f3 | 27 136 | 138 276 | 778 | 122 854 |
f4 | 28 160 | 145 813 | 997 | 141 963 |
f5 | 39 424 | 159 331 | 3 917 | 226 174 |
f6 | 81 920 | 212 392 | 15 127 | 360 907 |
f7 | 118 784 | 272 669 | 24 154 | 421 069 |
f8 | 189 952 | 397 519 | 24 564 | 2 599 419 |
f9 | 233 984 | 2 173 636 | 318 997 | 6 523 649 |
[1] | SERVIDA F , CASEY E . IoT forensic challenges and opportunities for digital traces[J]. Digital Investigation, 2019,28: 22-29. |
[2] | SUDHAKAR , KUMAR S . An emerging threat Fileless malware:a survey and research challenges[J]. Cybersecurity, 2020,3(1): 1-12. |
[3] | The Internet Crime Complaint Center. 2019 Internet crime report[R]. 2019. |
[4] | McAfee Labs. 2019 threats report[R]. 2019. |
[5] | CAVIGLIONE L , WENDZE S , MAZURCZKY W . The future of digital forensics:challenges and the road ahead[J]. IEEE Security &Privacy, 2017,15(6): 12-17. |
[6] | XIAO T , XU M , XU J . Acquisiting text documents opened by notepad from Windows7 RAM image[J]. Journal of Computational Information Systems, 2014,10(16): 7117-7124. |
[7] | PATEL A , MISTRY N . An analyzing of different techniques and tools to recover data from volatile memory[J]. International Journal for Scientific Research & Development, 2013,1(2): 227-233. |
[8] | NUR A , MOHAMAD K , HASHEEM Y . Corrupted MP4 carving using MP4-Karver[J]. International Journal of Advanced Computer Science and Applications, 2016,7(3): 88-93. |
[9] | CARRIER B D , GRAND J . A hardware-based memory acquisition procedure for digital investigations[J]. Digital Investigation, 2004,1(1): 50-60. |
[10] | MULLAN P , RIESS C , FREILING F . Forensic source identification using JPEG image headers:the case of smartphones[J]. Digital Investigation, 2019,28: 68-76. |
[11] | BAHJAT A A , JONES J . Deleted file fragment dating by analysis of allocated neighbors[J]. Digital Investigation, 2019,28: 60-67. |
[12] | KORNBLUM J D . Using every part of the buffalo in Windows memory analysis[J]. Digital Investigation, 2007,4(1): 24-29. |
[13] | DOLAN-GAVITT B . The VAD tree:a process-eye view of physical memory[J]. Digital Investigation, 2007,4: 62-64. |
[14] | VAN-BAAR R B , ALINK W , VAN-BALLEGOOIJ A R , . Forensic memory analysis:files mapped in memory[J]. Digital Investigation, 2008,5: 52-57. |
[15] | QUICK D , CHOO K K R . Impacts of increasing volume of digital forensic data:a survey and future research challenges[J]. Digital Investigation, 2014,11(4): 273-294. |
[16] | GAO Y H , CAO T J . Memory forensics for QQ from a live system[J]. Journal of Computers, 2010,5(4): 541-548. |
[17] | PETRONI N L , WALTERS A , FRASER T ,et al. FATKit:a framework for the extraction and analysis of digital forensic data from volatile system memory[J]. Digital Investigation, 2006,3(4): 197-210. |
[18] | 马庆杰, 李炳龙, 位丽娜 . 基于SQLite内容雕刻的恢复技术[J]. 计算机应用, 2017,37(2): 392-396. |
MA Q J , LI B L , WEI L N . File recovery based on SQlite content carving[J]. Journal of Computer Applications, 2017,37(2): 392-396. | |
[19] | 高元照, 李炳龙, 陈性元 . 基于MapReduce的HDFS数据窃取随机检测算法[J]. 通信学报, 2018,39(10): 11-21. |
GAO Y Z , LI B L , CHEN X Y . Stochastic algorithm for HDFS data theft detection based on MapReduce[J]. Journal on Communications, 2018,39(10): 11-21. | |
[20] | V?MEL S , FREILING F C . Correctness,atomicity,and integrity:defining criteria for forensically-sound memory acquisition[J]. Digital Investigation, 2012,9(2): 125-137. |
[21] | HEO H S , SO B M , YANG I H ,et al. Automated recovery of damaged audio files using deep neural networks[J]. Digital Investigation, 2019,30: 117-126. |
[22] | 高元照, 李炳龙, 吴熙曦 . 基于物理内存的注册表逆向重建取证分析算法[J]. 山东大学学报(理学版), 2016,51(9): 127-136. |
GAO Y Z , LI B L , WU X X . A forensic analysis algorithm of registry reverse reconstruction based on physical memory[J]. Journal of Shan-dong University (Natural Science), 2016,51(9): 127-136. | |
[23] | KHILOSIYA B , MAKADIYA K . Malware analysis and using memory forensic[J]. Multidisciplinary International Research Journal of Gujarat Technological University, 2020,2(2): 106-117. |
[24] | SCHUSTER A . Searching for processes and threads in Microsoft Windows memory dumps[J]. Digital Investigation, 2006,3: 10-16. |
[25] | SALAVE P , WAKDIKAR A . Memory forensics:tools comparison[J]. International Journal of Science and Research, 2017,6(6): 5-8. |
[26] | COHEN M . Scanning memory with Yara[J]. Digital Investigation, 2017,20: 34-43. |
[27] | OKOLICA J , PETERSON G L . Windows operating systems agnostic memory analysis[J]. Digital Investigation, 2010,7: 48-56. |
[28] | GS StatCounter . Desktop Windows version market share worldwide[R]. 2020. |
[29] | MARZIALE L , RICHARD G G III , ROUSSEV V III . Massive threading:using GPUs to increase the performance of digital forensics tools[J]. Digital Investigation, 2007,4: 73-81. |
[30] | AL-SHARIF Z A , AL-KHALEE A Y , AL-SALEH M I ,et al. Carving and clustering files in ram for memory forensics[J]. Far East Journal of Electronics and Communications, 2018,18(5): 695-722. |
[31] | The Honeynet Project. Challenge 3-banking troubles[R]. 2010. |
[1] | Xiaoni DU, Xiangyu WANG, Lifang LIANG, Kaibin LI. Quantum cryptanalysis of lightweight block cipher Piccolo [J]. Journal on Communications, 2023, 44(6): 175-182. |
[2] | Zhen ZHENG, Yingjian YAN, Juesong CAI, Yanjiang LIU. Non-specific TVLA method based on two-sample KS test [J]. Journal on Communications, 2023, 44(5): 137-147. |
[3] | Tao FENG, Liqiu CHEN, Junli FANG, Jianming SHI. Blockchain data sharing scheme based on localized difference privacy and attribute-based searchable encryption [J]. Journal on Communications, 2023, 44(5): 224-233. |
[4] | Dacheng ZHOU, Hongchang CHEN, Weizhen HE, Guozhen CHENG, Hongchao HU. Research on multidimensional dynamic defense strategy for microservice based on deep reinforcement learning [J]. Journal on Communications, 2023, 44(4): 50-63. |
[5] | Ming TANG, Yifan HU. Load-to-store: exploit the time leakage of store buffer transient window [J]. Journal on Communications, 2023, 44(4): 64-77. |
[6] | Wei LI, Chun LIU, Dawu GU, Wenqian SUN, Jianning GAO, Mengyang QIN. Statistical ineffective fault analysis of the lightweight authenticated cipher algorithm Saturnin-Short [J]. Journal on Communications, 2023, 44(4): 167-175. |
[7] | Yuling LIU, Cuilin WANG, Zhangjie FU. Generative text steganography method based on emotional expression in semantic space [J]. Journal on Communications, 2023, 44(4): 176-186. |
[8] | Baiji HU, Xiaojuan ZHANG, Yuancheng LI, Rongxin LAI. Multi-function supported privacy protection data aggregation scheme for V2G network [J]. Journal on Communications, 2023, 44(4): 187-200. |
[9] | Wei FAN, Cheng PENG, Dali ZHU, Yuqing WANG. Research on intrusion response strategy based on static Bayesian game in mobile edge computing network [J]. Journal on Communications, 2023, 44(2): 70-81. |
[10] | Dongyan HUANG, Kun LI. Research on multi-address time-based blockchain covert communication method [J]. Journal on Communications, 2023, 44(2): 148-159. |
[11] | Shufen ZHANG, Yanling DONG, Jingcheng XU, Haoshi WANG. AdaBoost algorithm based on target perturbation [J]. Journal on Communications, 2023, 44(2): 198-209. |
[12] | Shengbao WANG, Xin ZHOU, Kang WEN, Bosen WENG. Tripartite authenticated key exchange protocol for smart grid [J]. Journal on Communications, 2023, 44(2): 210-218. |
[13] | Yiliang HAN, Kaiyang GUO, Riming WU, Kai LIU. Attribute-based encryption scheme against key abuse based on OBDD access structure from lattice [J]. Journal on Communications, 2023, 44(1): 75-88. |
[14] | Chao XIA, Yaqi LIU, Qingxiao GUAN, Xin JIN, Yanshuo ZHANG, Shengwei XU. Steganalysis of JPEG images using non-linear residuals [J]. Journal on Communications, 2023, 44(1): 142-152. |
[15] | Xiaodong FU, Xinxin QI, Li LIU, Wei PENG, Jiaman DING, Fei DAI. Detecting and preventing collusion attack in DPoS based on power index [J]. Journal on Communications, 2022, 43(12): 123-133. |
Viewed | ||||||
Full text |
|
|||||
Abstract |
|
|||||
|