Towards sound forensic acquisition of volatile data
This work discusses shortcomings of current forensic acquisition tools aimed at securing volatile data. Recent developments in the area of anti-forensics have effectively disabled current forensic methods. The development of new methods towards sound forensic acquisition of volatile data is necessary as to keep up with the arms race. After an overview over current hardware-based and software-based acquisition methods, attacks and evasion techniques will be presented. Concluding, novel techniques are discussed to cope with anti-forensics.