https://orcid.org/0000-0003-4642-6341
![Sample our Computer Science journals, sign in here to start your access, latest two full volumes FREE to you for 14 days]({"type":"image" , "src" : "/sda/5928/TOC-Subject-Sample-2021-Computer-Science.jpg"})
Abstract
Page smear is a phenomenon that occurs when a system’s volatile memory dump is obtained in a non-atomic manner; it’s more common in systems with a lot of RAM and different workloads. It has a considerable impact on the quality and reliability of the forensic artifacts obtained, as well as the analysis of such snapshots. We present SAM, a timeline-based page table state information collection mechanism that enables a reliable memory analysis. It facilitates visualizing inconsistencies in the page table data structure and provides the investigator with a reliable source of page table information to deal with the inconsistent values.
Disclosure statement
No potential conflict of interest was reported by the author(s).
Notes
1 Later, PageDumper’s functionality was extended to work on x86_64-bit Linux with five level paging hierarchy.
2 PageDumper saves the time value for each page it acquires in milliseconds. For a more granular level of timestamp collection, it also allows to log the time values in terms of kernel jiffies. In , the column KERNEL_TIMER provide the acquisition time for the PTE by PageDumper in kernel jiffies.
![Supercharge Your Next Research Paper: Research and write your next paper with Jenni AI.]({"type":"image" , "src" : "/sda/112442/MPU-social-sciences.png"})