skip to main | skip to sidebar

Work

Friday, May 28, 2010

Live Forensics

http://www.atcorp.com/Publications/CACM_LiveForensics.pdf
http://www.foolmoon.net/downloads/Live_Forensics_Using_WFT.pdf
http://portal.acm.org/citation.cfm?id=1113070

Posted by Jiang at 2:55 PM

Email This BlogThis!Share to X Share to Facebook Share to Pinterest

Labels: forensics

No comments:

Newer Post Older Post Home

Subscribe to: Post Comments (Atom)

Pages

Home
Usenix security

Labels

_KPCR (1) 64bit (1) 9054 (1) ACPI (7) acrobat (1) AES (1) algorithm (4) AMD (1) AMT (1) Apache (1) APC (1) APIC (1) assembly (5) ASUS (1) bash (4) beep (1) BFS (1) BIOS (11) bochs (2) BootP (1) bootup (1) buddy (1) C++ (1) caller (1) cell phone (1) CentOS (8) Chinese (1) Cisco (1) clone (1) coreboot (2) CPU (2) cscope (2) ctag (1) data structure (1) DDK (1) deadlock (1) Debug (9) DELL (1) device driver (11) disk (3) dll (1) DMA (1) DOS (1) DPC (1) e1000 (2) EC (1) error code (1) ESXi (2) Excel (1) fabric (1) facebook (1) file (1) file system (1) finite automata (1) firefox (2) Flash (1) forensics (1) FPGA (1) Ftrace (1) function_call (1) FVM (2) GAS (2) gcc (3) GDB (5) getopt (1) git (4) google (1) Grammar (1) grep (2) hash (1) heap (2) hibernation (2) Hyper-V (2) HyperSpace (1) IDT (2) IE (2) ifconfig (1) initrd (1) Intel (5) Interrupt (2) IO (3) ioremap (2) Java (2) kdump (1) kernel (13) kernel panic (3) kexec (1) kobjects (1) KVM (1) latex (2) ldd (1) libcap (2) libnet (1) library (1) libvirt (1) linked_list (1) Linux (105) livecd (1) liveKd (1) LKM (1) LOC (1) log (1) ls (1) lxr (3) Mac (1) Matlab (2) memcached (1) memory (4) MIT opencourseware (1) mm (2) MSI (2) MSR (1) Mutex (1) nasm (1) NDIS (1) neighboring (1) netcat (1) netperf (1) network (8) network namespaces (1) nfs (1) NIC (5) NUMA (1) oops (2) openstack (1) oprofile (1) OS (1) OutputDebugString (1) page table (1) papers (2) passthrough (1) password (1) PC (1) PCI (6) PCIe (4) pdf (1) PE (1) per-CPU (1) perl (1) powerpoint (1) printk (1) process (4) PSE (1) PXE (4) Python (5) qemu (18) RDO (1) RDP (2) rdtsc (1) real mode (2) Reverse Engineering (1) rootkit (3) route (1) RPM (3) scale (1) scp (1) screen (1) Segmentation fault (1) sendmail (1) serial console (3) SHA1 (1) shell (1) Shutdown (2) skb (1) SMI (1) SMM (5) SMP (2) softirq (1) SSDT (1) ssh (2) stack (1) STREAM benchmark (1) string matching (1) Suspend (3) svn (7) Switch (1) Symbol (1) sysfs (1) syslog (1) sysrq (1) tab (1) tasklet (1) tc (1) TCG (1) tcpdump (1) terminal (1) top (1) TPM (4) trace (1) transparent (1) tree (1) Trusted computing (1) TSC (1) tun/tap (1) ubuntu (11) UEFI (1) UMDF (1) upstart (1) USB (3) User Agent (1) users (1) vi (2) vim (5) Vista (1) vm (1) vmlinux (1) vmware (7) VNC (1) WinDbg (3) Windows (25) Windows_Server_2008 (1) x86_64 (2) Xen (15) xenoprofile (1) Xentrace (1) Xming (1)

Followers

Blog Archive

► 2020 (1)
- ► September (1)

► 2016 (3)
- ► September (1)
- ► April (1)
- ► January (1)

► 2015 (20)
- ► December (1)
- ► October (3)
- ► August (1)
- ► July (14)
- ► May (1)

► 2014 (6)
- ► December (3)
- ► October (1)
- ► August (1)
- ► February (1)

► 2013 (13)
- ► November (3)
- ► October (2)
- ► September (3)
- ► May (2)
- ► April (1)
- ► March (1)
- ► February (1)

► 2012 (30)
- ► November (4)
- ► October (4)
- ► September (1)
- ► August (3)
- ► May (1)
- ► April (7)
- ► March (3)
- ► February (5)
- ► January (2)

► 2011 (75)
- ► December (14)
- ► November (11)
- ► October (5)
- ► September (12)
- ► August (2)
- ► July (1)
- ► June (4)
- ► April (8)
- ► March (8)
- ► February (7)
- ► January (3)

▼ 2010 (61)
- ► December (2)
- ► November (5)
- ► September (2)
- ► August (6)
- ► July (7)
- ► June (11)
- ▼ May (10)
- ► April (4)
- ► March (7)
- ► February (3)
- ► January (4)

► 2009 (143)
- ► December (11)
- ► November (9)
- ► October (6)
- ► September (8)
- ► August (12)
- ► July (26)
- ► June (15)
- ► May (9)
- ► April (16)
- ► March (12)
- ► February (11)
- ► January (8)

► 2008 (35)
- ► December (12)
- ► November (7)
- ► October (12)
- ► September (4)

About Me

Jiang

View my complete profile