{"id":"https://openalex.org/W2885309848","doi":"https://doi.org/10.1145/3230833.3232810","title":"Volatile Memory Forensics Acquisition Efficacy","display_name":"Volatile Memory Forensics Acquisition Efficacy","publication_year":2018,"publication_date":"2018-08-13","ids":{"openalex":"https://openalex.org/W2885309848","doi":"https://doi.org/10.1145/3230833.3232810","mag":"2885309848"},"language":"en","primary_location":{"id":"doi:10.1145/3230833.3232810","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3230833.3232810","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 13th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5053906555","display_name":"Jacob Taylor","orcid":null},"institutions":[{"id":"https://openalex.org/I188329596","display_name":"University of Canberra","ror":"https://ror.org/04s1nv328","country_code":"AU","type":"education","lineage":["https://openalex.org/I188329596"]},{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":true,"raw_author_name":"Jacob Taylor","raw_affiliation_strings":["UNSW Canberra Cyber, University of New South Wales, ACT, Australia"],"affiliations":[{"raw_affiliation_string":"UNSW Canberra Cyber, University of New South Wales, ACT, Australia","institution_ids":["https://openalex.org/I188329596","https://openalex.org/I31746571"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5022626159","display_name":"Benjamin Turnbull","orcid":"https://orcid.org/0000-0003-0440-5032"},"institutions":[{"id":"https://openalex.org/I188329596","display_name":"University of Canberra","ror":"https://ror.org/04s1nv328","country_code":"AU","type":"education","lineage":["https://openalex.org/I188329596"]},{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Benjamin Turnbull","raw_affiliation_strings":["UNSW Canberra Cyber, University of New South Wales, ACT, Australia"],"affiliations":[{"raw_affiliation_string":"UNSW Canberra Cyber, University of New South Wales, ACT, Australia","institution_ids":["https://openalex.org/I188329596","https://openalex.org/I31746571"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5049154886","display_name":"Gideon Creech","orcid":"https://orcid.org/0000-0003-3854-2940"},"institutions":[{"id":"https://openalex.org/I31746571","display_name":"UNSW Sydney","ror":"https://ror.org/03r8z3t63","country_code":"AU","type":"education","lineage":["https://openalex.org/I31746571"]},{"id":"https://openalex.org/I188329596","display_name":"University of Canberra","ror":"https://ror.org/04s1nv328","country_code":"AU","type":"education","lineage":["https://openalex.org/I188329596"]}],"countries":["AU"],"is_corresponding":false,"raw_author_name":"Gideon Creech","raw_affiliation_strings":["UNSW Canberra Cyber, University of New South Wales, ACT, Australia"],"affiliations":[{"raw_affiliation_string":"UNSW Canberra Cyber, University of New South Wales, ACT, Australia","institution_ids":["https://openalex.org/I188329596","https://openalex.org/I31746571"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5053906555"],"corresponding_institution_ids":["https://openalex.org/I188329596","https://openalex.org/I31746571"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":8,"citation_normalized_percentile":{"value":0.07650998,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"11"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9986000061035156,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/firmware","display_name":"Firmware","score":0.9688948392868042},{"id":"https://openalex.org/keywords/rootkit","display_name":"Rootkit","score":0.8842507600784302},{"id":"https://openalex.org/keywords/malware","display_name":"Malware","score":0.8089407086372375},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7713590860366821},{"id":"https://openalex.org/keywords/digital-forensics","display_name":"Digital forensics","score":0.5491752624511719},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.45521020889282227},{"id":"https://openalex.org/keywords/digital-evidence","display_name":"Digital evidence","score":0.43898624181747437},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.43060487508773804},{"id":"https://openalex.org/keywords/computer-forensics","display_name":"Computer forensics","score":0.4209996163845062},{"id":"https://openalex.org/keywords/malware-analysis","display_name":"Malware analysis","score":0.42073720693588257},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.40988174080848694}],"concepts":[{"id":"https://openalex.org/C67212190","wikidata":"https://www.wikidata.org/wiki/Q104851","display_name":"Firmware","level":2,"score":0.9688948392868042},{"id":"https://openalex.org/C10144332","wikidata":"https://www.wikidata.org/wiki/Q14645","display_name":"Rootkit","level":3,"score":0.8842507600784302},{"id":"https://openalex.org/C541664917","wikidata":"https://www.wikidata.org/wiki/Q14001","display_name":"Malware","level":2,"score":0.8089407086372375},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7713590860366821},{"id":"https://openalex.org/C84418412","wikidata":"https://www.wikidata.org/wiki/Q3246940","display_name":"Digital forensics","level":2,"score":0.5491752624511719},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.45521020889282227},{"id":"https://openalex.org/C2781357168","wikidata":"https://www.wikidata.org/wiki/Q5276084","display_name":"Digital evidence","level":3,"score":0.43898624181747437},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.43060487508773804},{"id":"https://openalex.org/C556601545","wikidata":"https://www.wikidata.org/wiki/Q878553","display_name":"Computer forensics","level":3,"score":0.4209996163845062},{"id":"https://openalex.org/C2779395397","wikidata":"https://www.wikidata.org/wiki/Q15731404","display_name":"Malware analysis","level":3,"score":0.42073720693588257},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.40988174080848694}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3230833.3232810","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3230833.3232810","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 13th International Conference on Availability, Reliability and Security","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.5299999713897705,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":23,"referenced_works":["https://openalex.org/W1506027794","https://openalex.org/W1538546197","https://openalex.org/W1548319007","https://openalex.org/W1583301963","https://openalex.org/W1616220066","https://openalex.org/W1648198059","https://openalex.org/W1990614609","https://openalex.org/W2003738882","https://openalex.org/W2009967747","https://openalex.org/W2026546793","https://openalex.org/W2039427951","https://openalex.org/W2068661019","https://openalex.org/W2072863245","https://openalex.org/W2092307728","https://openalex.org/W2096269529","https://openalex.org/W2110730997","https://openalex.org/W2113854927","https://openalex.org/W2128487888","https://openalex.org/W2156350103","https://openalex.org/W2175377689","https://openalex.org/W2313988643","https://openalex.org/W2536999591","https://openalex.org/W3159518577"],"related_works":["https://openalex.org/W2501996246","https://openalex.org/W1594164630","https://openalex.org/W3158488444","https://openalex.org/W3153257862","https://openalex.org/W2229662347","https://openalex.org/W2744900383","https://openalex.org/W3199715035","https://openalex.org/W2765446491","https://openalex.org/W3008439545","https://openalex.org/W2885309848"],"abstract_inverted_index":{"Firmware-based":[0],"malware":[1,22],"is":[2],"an":[3],"emerging":[4],"threat":[5],"with":[6,73],"few":[7,46],"obvious":[8],"mechanisms":[9],"for":[10],"detection.":[11],"There":[12],"have":[13,33],"been":[14,24],"multiple":[15],"cases":[16],"where":[17],"the":[18,45,54,63,84],"presence":[19,55],"of":[20,44,56,65,86],"firmware-based":[21,110],"has":[23],"confirmed":[25],"or":[26,35,112],"strongly":[27],"suspected,":[28],"and":[29,78],"current":[30],"mitigations":[31],"strategies":[32],"little":[34],"no":[36],"recourse.":[37],"Volatile":[38],"memory":[39,67,88,100],"forensics":[40],"may":[41,79],"be":[42,50,81],"one":[43],"technologies":[47],"that":[48],"can":[49],"employed":[51],"to":[52,83,95,105,109],"detect":[53],"modified":[57],"firmware,":[58],"through":[59],"ROM":[60],"shadowing.":[61],"However,":[62],"majority":[64],"volatile":[66],"forensic":[68],"tools":[69,102],"were":[70],"not":[71,80],"designed":[72],"this":[74],"use-case":[75],"in":[76],"mind":[77],"suited":[82],"capture":[85],"protected":[87],"regions.":[89],"This":[90],"work":[91],"performs":[92],"experimental":[93],"analysis":[94],"determine":[96],"which,":[97],"if":[98],"any,":[99],"acquisition":[101],"are":[103],"able":[104],"collect":[106],"evidence":[107],"pertaining":[108],"rootkits":[111],"malware.":[113]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2024,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":5}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}