week's assignment
5/11/2020 Originality Report
https://blackboard.nec.edu/webapps/mdb-sa-BB5b75a0e7334a9/originalityReport/ultra?attemptId=daf20ac8-f8d8-4037-b3f7-573d67e2f47a&course_id… 1/2
%30
%20
%15
SafeAssign Originality Report
Digital Forensics Tools & Tchq - 202040 - CRN170 - Mitchell • Week Eight Assignment
Total Score: 65% (High risk)
Saai Shree Rama Sarikonda
Submission UUID: 9174a154-a751-d098-9e87-b9bd6afe6aa0

Total Number of Reports: 1
Highest Match: 65% (week8.docx)
Average Match: 65%
Submitted on: 05/03/20 03:16 PM EDT
Average Word Count: 349 (Highest: week8.docx)

Attachment 1: 65%
Internet (2): belkasoft, sans
Institutional database (2): Student paper, Student paper
Global database (3): Student paper, Student paper, Student paper
Top sources (3): 1 belkasoft, 4 Student paper, 2 sans
Excluded sources (0)
Source Matches (9)
Word Count: 349 (week8.docx)
DIGITAL FORENSICS
Belkasoft Live RAM Capturer is a forensic tool that is free of charge and helps in consistently extracting the volatile memory of the computer even with an active debugging system. It has 32-bit and 64-bit builds purposed at maximizing the footprint of the tool. “The captured memory dumps using this tool can be analyzed in Belkasoft Evidence Center with Live RAM Analysis” (Dave, et al., 2014). When weighed against the other volatile memory capturing tools, this tool has different design goals and is also compatible with all Windows versions.

Mandiant RedLine is a leading free of charge tool that provides host investigative capacity to the users alerting them of any malicious activity signs through an analysis of memory and file as well as the threat assessment profile development (Prasanthi, 2016). This tool is used in collecting all data regarding the host’s running processes, the drivers from memory and it also collects other data such as metadata, services, among others intending to build an accurate report. With this tool, it is possible to audit and collect all running processes and drivers from the memory, file system, web history among others in a thorough manner. One can, therefore, with ease restructure memory analysis with a workflow that is proven for malware analysis based on relative precedence. It is also possible to perform IOC analysis. It is automatically configured to collect the data that is required in performing IOC analysis and an IOC hit result review. When collecting the above best tools from a wide range of options, I have considered affordability, accessibility, and accountability.
References

Dave, R., Mistry, N. R., & Dahiya, M. S. (2014). Volatile memory based forensic artifacts & analysis. International Journal for Research in Applied Science and Engineering Technology, 2, 120-124. Retrieved from: https://cyberforensicator.com/wp-content/uploads/2018/02/fileserve.pdf

Prasanthi, B. V. (2016). Cyber forensic tools: a review. International Journal of Engineering Trends and Technology (IJETT), 41(5), 266-271. Retrieved from: https://commons.erau.edu/cgi/viewcontent.cgi?referer=https://scholar.google.com/&httpsredir=1&article=1362&context=adfsl
belkasoft 64%
belkasoft 66%
sans 71%
Student paper 64%
Student paper 94%
Student paper 100%
Student paper 100%
Student paper 100%
Student paper 73%
1
Student paper
Belkasoft Live RAM Capturer is a forensic tool that is free of charge and helps in consistently extracting the volatile memory of the computer even with an active debugging system.
Original source
Belkasoft Live RAM Capturer is a tiny free forensic tool that allows to reliably extract the entire contents of computer’s volatile memory – even if protected by an active anti-debugging or anti-dumping system
1
Student paper
“The captured memory dumps using this tool can be analyzed in Belkasoft Evidence Center with Live RAM Analysis” (Dave, et al., 2014).
Original source
Memory dumps captured with Belkasoft Live RAM Capturer can be analyzed with Live RAM Analysis in Belkasoft Evidence Center
2
Student paper
Mandiant RedLine is a leading free of charge tool that provides host investigative capacity to the users alerting them of any malicious activity signs through an analysis of memory and file as well as the threat assessment profile development (Prasanthi, 2016).
Original source
“Redline, Mandiant’s premier free tool, provides host investigative capabilities to users to find signs of malicious activity through memory and file analysis, and the development of a threat assessment profile”.[2]
3
Student paper
It is automatically configured to collect the data that is required in performing IOC analysis and an IOC hit result review.
Original source
The Redline portable agent configured to gather the required data to perform IOC Analysis and IOC hit result review
4
Student paper
References Dave, R., Mistry, N. R., & Dahiya, M.
Original source
Dave, R., Mistry, N R., & Dahiya, M
4
Student paper
Volatile memory based forensic artifacts & analysis. International Journal for Research in Applied Science and Engineering Technology, 2, 120-124.
Original source
Volatile memory-based forensic artifacts & analysis International Journal for Research in Applied Science and Engineering Technology, 2, 120-124
5
Student paper
Cyber forensic tools:
Original source
Cyber Forensic Tools
6
Student paper
International Journal of Engineering Trends and Technology (IJETT), 41(5), 266-271.
Original source
International Journal of Engineering Trends and Technology (IJETT), 41(5), 266-271
7
Student paper
https://commons.erau.edu/cgi/viewcontent.cgi?referer=https://scholar.google.com/&httpsredir=1&article=1362&context=adfsl
Original source
https://commons.erau.edu/cgi/viewcontent.cgi?referer=https://search.yahoo.com/&httpsredir=1&article=1501&context=jaaer