O'Reilly logo

Operating System Forensics by Ric Messier

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 4

Memory Forensics

Abstract

The chapter discusses the use of open source tools to collect memory and analyze it as part of a forensic investigation.

Keywords

operating systems
forensics
operating environments

INFORMATION INCLUDED IN THIS CHAPTER:

Virtual memory
Windows, Linux, Mac OS memory
Memory extraction
Swap space

Introduction

Data is permanently stored on what is called secondary storage, which is what we have been talking about so far – disk drives, USB flash drives, and other forms of permanent storage. However, when a computer is running and programs are using the data that has been retrieved from the disk, the programs and data are placed into primary storage or main memory. Well, it is used to be called as main memory. ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required