Practical password harvesting from volatile memory

This source preferred by Vasilis Katos

This data was imported from Scopus:

Authors: Karayianni, S. and Katos, V.

Journal: Lecture Notes of the Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering

Volume: 99 LNICST

Pages: 17-22

ISSN: 1867-8211

DOI: 10.1007/978-3-642-33448-1_3

In this paper we challenge the widely accepted approach where a first responder does not capture the RAM of a computer system if found to be powered off at a crime scene. We investigate the presence of confidential data in RAM such as user passwords. Our findings show that even if the computer is switched off but not removed from the mains, the data are preserved. In fact, when a process is terminated but the computer is still operating, the respective data are more likely to be lost. Therefore capturing the memory could be as critical on a switched off system as on a running one. © 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering.

The data on this page was last updated at 04:45 on January 16, 2018.