{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,9]],"date-time":"2024-09-09T19:36:21Z","timestamp":1725910581591},"publisher-location":"Singapore","reference-count":11,"publisher":"Springer Singapore","isbn-type":[{"type":"print","value":"9789811063848"},{"type":"electronic","value":"9789811063855"}],"license":[{"start":{"date-parts":[[2017,1,1]],"date-time":"2017-01-01T00:00:00Z","timestamp":1483228800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2017]]},"DOI":"10.1007\/978-981-10-6385-5_32","type":"book-chapter","created":{"date-parts":[[2017,9,15]],"date-time":"2017-09-15T10:03:52Z","timestamp":1505469832000},"page":"373-385","source":"Crossref","is-referenced-by-count":3,"title":["Research on Linux Kernel Version Diversity for\u00a0Precise Memory Analysis"],"prefix":"10.1007","author":[{"given":"Shuhui","family":"Zhang","sequence":"first","affiliation":[]},{"given":"Xiangxu","family":"Meng","sequence":"additional","affiliation":[]},{"given":"Lianhai","family":"Wang","sequence":"additional","affiliation":[]},{"given":"Guangqi","family":"Liu","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2017,9,16]]},"reference":[{"key":"32_CR1","doi-asserted-by":"crossref","first-page":"28","DOI":"10.1016\/j.diin.2015.01.009","volume":"12","author":"MI Cohen","year":"2015","unstructured":"Cohen, M.I.: Characterization of the windows kernel version variability for accurate memory analysis. Digit. Invest. 12, 28\u201349 (2015)","journal-title":"Digit. Invest."},{"key":"32_CR2","unstructured":"The rekall profile repository. \nhttps:\/\/github.com\/google\/rekall-profiles"},{"key":"32_CR3","unstructured":"The volatility framework. \nhttp:\/\/www.volatilityfoundation.org\/"},{"key":"32_CR4","unstructured":"Linux Kernel. \nhttps:\/\/en.wikipedia.org\/wiki\/Linux_kernel"},{"key":"32_CR5","unstructured":"Linux memory forensics. \nhttp:\/\/www.drdobbs.com\/linux-memory-forensics\/199101801"},{"key":"32_CR6","unstructured":"Memoryze. \nhttps:\/\/www.mandiant.com\/resources\/download\/memoryze"},{"key":"32_CR7","unstructured":"Moonsols windows memory toolkit. \nhttp:\/\/www.moonsols.com\/windows-memory-toolkit"},{"key":"32_CR8","first-page":"1","volume":"14","author":"S Zhang","year":"2016","unstructured":"Zhang, S., Meng, X., Wang, L.: An adaptive approach for Linux memory analysis based on kernel code reconstruction. EURASIP J. Inf. Secur. 14, 1\u201313 (2016)","journal-title":"EURASIP J. Inf. Secur."},{"key":"32_CR9","volume-title":"The Art Of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory","author":"MH Ligh","year":"2014","unstructured":"Ligh, M.H., Case, A., Levy, J., Walters, A.: The Art Of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory. Wiley Publishing, Indianapolis (2014)"},{"key":"32_CR10","doi-asserted-by":"crossref","first-page":"11","DOI":"10.1016\/j.diin.2016.01.004","volume":"16","author":"A Socala","year":"2016","unstructured":"Socala, A., Cohen, M.: Automatic profile generation for live Linux memory analysis. Digit. Invest. 16, 11\u201324 (2016)","journal-title":"Digit. Invest."},{"key":"32_CR11","doi-asserted-by":"crossref","first-page":"32","DOI":"10.1016\/j.diin.2010.05.005","volume":"7","author":"A Case","year":"2010","unstructured":"Case, A., Marziale, L., Richard, G.G.: Dynamic recreation of kernel data structures for live forensics. Digit. Invest. 7, 32\u201340 (2010)","journal-title":"Digit. Invest."}],"container-title":["Communications in Computer and Information Science","Data Science"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-981-10-6385-5_32","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2017,9,15]],"date-time":"2017-09-15T10:12:42Z","timestamp":1505470362000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-981-10-6385-5_32"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017]]},"ISBN":["9789811063848","9789811063855"],"references-count":11,"URL":"https:\/\/doi.org\/10.1007\/978-981-10-6385-5_32","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2017]]}}}