ANALYSIS OF THE EFFECT OF VSM ON THE MEMORY ACQUISITION PROCESS USING THE DYNAMIC ANALYSIS METHOD

Sinta Nur Maulina
Niken Dwi Wahyu Cahyani
Erwid Musthofa Jadied


DOI: https://doi.org/10.29100/jipi.v8i2.3745

Abstract


At first, forensics was restricted to studying data stored on a system's hard disk. However, as storage capacity and the use of data encryption increased, applying conventional digital forensic procedures became more challenging. As a result, memory forensics techniques, frequently referred to as live forensics, were developed, because the process is quicker and more sophisticated. Volatile memory forensics is necessary under these conditions. Live forensics has flaws, however: some programs can fail when VSM (Virtual Secure Mode) is active on the computer, which causes otherwise retrievable evidence to be lost. Determining the cause is therefore essential. Autopsy, Isobuster, DumpIt, and Magnet RAM Capturer are just a few examples of software-based memory acquisition tools. According to the findings of the experiments, the tools that crashed include DumpIt v1.3.2.20110401. Dynamic code analysis with WinDbg was used to study the impact of VSM on the memory acquisition tool. The goal of this study is to identify the instances of crashes in various forensic tools, which will be highly useful for forensic experts performing investigations.

Keywords


Live Forensics; VSM; Tools; Crash
