Password recovery using an evidence collection tool and countermeasures

Seokhee Lee, Antonio Savoldi, Sangjin Lee, Jong In Lim

Research output: Chapter in Book/Report/Conference proceedingConference contribution

10 Citations (Scopus)

Abstract

In this paper we propose a methodology used to analyse collected pagefiles belonging to public computers using a pagefile collection tool (PCT), which is suitable to be used in a live forensics context. After that, we investigated how to gather sensitive information such as passwords and usernames, which we found in half of the analysed pagefiles. Undoubtedly, this fact can be used by a forensics practitioner to solve the investigation faster, by using such information in order to acquire useful information about a crime. However, if such forensic pagefile collection tool was used as a hacking tool, it could cause leakage of privacy information. To be more precise, it allows easy gathering of critical information such as passwords and credit card numbers. Accordingly, in order to solve this problem, we have proposed a programming methodology to prevent the "swap-out" of sensitive information from main memory to pagefile. Finally, we also proposed a system model to perform the encryption of pagefile memory in order to improve the security of a computer system.

Original languageEnglish
Title of host publicationProceedings - 3rd International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIHMSP 2007.
Pages97-102
Number of pages6
Volume2
DOIs
Publication statusPublished - 2007 Dec 1
Event3rd International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIHMSP 2007 - Kaohsiung, Taiwan, Province of China
Duration: 2007 Nov 262007 Nov 28

Other

Other3rd International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIHMSP 2007
CountryTaiwan, Province of China
CityKaohsiung
Period07/11/2607/11/28

    Fingerprint

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Signal Processing
  • Information Systems and Management

Cite this

Lee, S., Savoldi, A., Lee, S., & Lim, J. I. (2007). Password recovery using an evidence collection tool and countermeasures. In Proceedings - 3rd International Conference on Intelligent Information Hiding and Multimedia Signal Processing, IIHMSP 2007. (Vol. 2, pp. 97-102). [4457662] https://doi.org/10.1109/IIH-MSP.2007.238