Cargando…
Non-Volatile Memory Forensic Analysis in Windows 10 IoT Core
The increase in the number of cybersecurity incidents in which internet of things (IoT) devices are involved has called for an improvement in the field of computer forensics, which needs to provide techniques in order to perform complete and efficient investigations in this new environment. With the...
| Autores principales: | , , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2019
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7514486/ http://dx.doi.org/10.3390/e21121141 |
| _version_ | 1783586598951059456 |
|---|---|
| author | Castelo Gómez, Juan Manuel Roldán Gómez, José Carrillo Mondéjar, Javier Martínez Martínez, José Luis |
| author_facet | Castelo Gómez, Juan Manuel Roldán Gómez, José Carrillo Mondéjar, Javier Martínez Martínez, José Luis |
| author_sort | Castelo Gómez, Juan Manuel |
| collection | PubMed |
| description | The increase in the number of cybersecurity incidents in which internet of things (IoT) devices are involved has called for an improvement in the field of computer forensics, which needs to provide techniques in order to perform complete and efficient investigations in this new environment. With the aim of doing so, new devices and systems are being studied in order to offer guidelines for investigators on how to examine them. This papers follows this approach and presents a forensic analysis of the non-volatile memory of Windows 10 IoT Core. It details how the investigation should be performed and highlights the relevant information that can be extracted from storage. In addition, a tool for the automation of the retrieval of the pieces of evidence detected is provided. |
| format | Online Article Text |
| id | pubmed-7514486 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2019 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-75144862020-11-09 Non-Volatile Memory Forensic Analysis in Windows 10 IoT Core Castelo Gómez, Juan Manuel Roldán Gómez, José Carrillo Mondéjar, Javier Martínez Martínez, José Luis Entropy (Basel) Article The increase in the number of cybersecurity incidents in which internet of things (IoT) devices are involved has called for an improvement in the field of computer forensics, which needs to provide techniques in order to perform complete and efficient investigations in this new environment. With the aim of doing so, new devices and systems are being studied in order to offer guidelines for investigators on how to examine them. This papers follows this approach and presents a forensic analysis of the non-volatile memory of Windows 10 IoT Core. It details how the investigation should be performed and highlights the relevant information that can be extracted from storage. In addition, a tool for the automation of the retrieval of the pieces of evidence detected is provided. MDPI 2019-11-22 /pmc/articles/PMC7514486/ http://dx.doi.org/10.3390/e21121141 Text en © 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Castelo Gómez, Juan Manuel Roldán Gómez, José Carrillo Mondéjar, Javier Martínez Martínez, José Luis Non-Volatile Memory Forensic Analysis in Windows 10 IoT Core |
| title | Non-Volatile Memory Forensic Analysis in Windows 10 IoT Core |
| title_full | Non-Volatile Memory Forensic Analysis in Windows 10 IoT Core |
| title_fullStr | Non-Volatile Memory Forensic Analysis in Windows 10 IoT Core |
| title_full_unstemmed | Non-Volatile Memory Forensic Analysis in Windows 10 IoT Core |
| title_short | Non-Volatile Memory Forensic Analysis in Windows 10 IoT Core |
| title_sort | non-volatile memory forensic analysis in windows 10 iot core |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7514486/ http://dx.doi.org/10.3390/e21121141 |
| work_keys_str_mv | AT castelogomezjuanmanuel nonvolatilememoryforensicanalysisinwindows10iotcore AT roldangomezjose nonvolatilememoryforensicanalysisinwindows10iotcore AT carrillomondejarjavier nonvolatilememoryforensicanalysisinwindows10iotcore AT martinezmartinezjoseluis nonvolatilememoryforensicanalysisinwindows10iotcore |