METHODS FOR OBTAINING EVIDENTIARY INFORMATION FROM A COMPUTER USING OPEN SOURCE TOOLS
T. M. Tatarnikova, I. A. Sikarev, D. A. Rychikhin
St. Petersburg State University of Aerospace Instrumentation; Russian State Hydrometeorological University
Annotation: The pressing task of obtaining evidentiary information is considered as a direction for the development of digital forensics. The procedure for collecting evidentiary information from computer storage devices is given, including the basic requirements for collecting evidence, preserving it and ensuring its integrity. An overview of methods for obtaining evidentiary information from a computer is given, among which one accessible and effective method is highlighted: using Open Source software to capture a snapshot of RAM. The results of an experiment studying the possibility of obtaining and analyzing a snapshot of a computer's RAM using Open Source tools are presented, and the approximate information that can be obtained when using them in the interests of computer technical expertise is determined.
Keywords: digital forensics, evidentiary information obtained from a computer, the procedure for collecting evidentiary information, methods for obtaining evidentiary information, an experiment on obtaining evidentiary information from a computer
Pages 58–68