期刊文献+
共找到1篇文章
< 1 >
每页显示 20 50 100
Acquisition of Network Connection Status Information from Physical Memory on Windows Vista Operating System
1
作者 Xu Lijuan Wang Lianhai Zhang Lei Kong Zhigang 《China Communications》 SCIE CSCD 2010年第6期71-77,共7页
A method to extract information of network connection status information from physical memory on Windows Vista operating system is proposed. Using this method, a forensic examiner can extract accurately the informatio... A method to extract information of network connection status information from physical memory on Windows Vista operating system is proposed. Using this method, a forensic examiner can extract accurately the information of current TCP/ IP network connection information, including IDs of processes which established connections, establishing time, local address, local port, remote address, remote port, etc., from a physical memory on Windows Xflsta operating system. This method is reliable and efficient. It is verified on Windows Vista, Windows Vista SP1, Windows Vista SP2. 展开更多
关键词 computer forensic memory analysis network connection status information
下载PDF
上一页 1 下一页 到第
使用帮助 返回顶部