{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:19:31Z","timestamp":1750306771527,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":21,"publisher":"ACM","license":[{"start":{"date-parts":[[2013,4,4]],"date-time":"2013-04-04T00:00:00Z","timestamp":1365033600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100006602","name":"Air Force Research Laboratory","doi-asserted-by":"publisher","award":["FA9550-10-1-0289"],"award-info":[{"award-number":["FA9550-10-1-0289"]}],"id":[{"id":"10.13039\/100006602","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2013,4,4]]},"DOI":"10.1145\/2498328.2500078","type":"proceedings-article","created":{"date-parts":[[2013,7,2]],"date-time":"2013-07-02T14:33:48Z","timestamp":1372775628000},"page":"1-6","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":6,"title":["Evolution of digital forensics in virtualization by using virtual machine introspection"],"prefix":"10.1145","author":[{"given":"James","family":"Poore","sequence":"first","affiliation":[{"name":"Louisiana Tech University, Ruston, LA"}]},{"given":"Juan Carlos","family":"Flores","sequence":"additional","affiliation":[{"name":"Louisiana Tech University, Ruston, LA"}]},{"given":"Travis","family":"Atkison","sequence":"additional","affiliation":[{"name":"Louisiana Tech University, Ruston, LA"}]}],"member":"320","published-online":{"date-parts":[[2013,4,4]]},"reference":[{"doi-asserted-by":"publisher","key":"e_1_3_2_1_1_1","DOI":"10.1109\/MSP.2010.143"},{"issue":"2","key":"e_1_3_2_1_2_1","volume":"6","author":"Bem E.","year":"2007","journal-title":"Computer Forensics Analysis in a Virtual Environment, International Journal of Digital Evidence"},{"volume-title":"Proc. Of HPCVirt 2007","year":"2007","author":"Gavrilovska A., S.","key":"e_1_3_2_1_3_1"},{"key":"e_1_3_2_1_4_1","first-page":"191","volume-title":"Proc. Network and Distributed Systems Security Symposium","author":"Garfinkel M.","year":"2003"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_6_1","DOI":"10.1109\/ARES.2009.173"},{"key":"e_1_3_2_1_7_1","first-page":"385","volume-title":"Secure and Flexible Monitoring of Virtual Machines. Computer Security and Applications Conference, 2007. ACSAC 2007. Twenty-Third Annual, Vol., No.","author":"Payne B.","year":"2007"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_8_1","DOI":"10.1109\/SRDS.2010.39"},{"unstructured":"Kruse II W. G. and Heiser J. G. Computer Forensics: Incident Response Essentials (1st ed.): Addison Wesley Professional 2002.   Kruse II W. G. and Heiser J. G. Computer Forensics: Incident Response Essentials (1 st ed.): Addison Wesley Professional 2002.","key":"e_1_3_2_1_9_1"},{"unstructured":"Thomas D. S. and K. Forcht Legal Methods of Using Computer Forensics Techniques for Computer Crime Analysis and Investigation. Issues in Information System 5(2). 2004.  Thomas D. S. and K. Forcht Legal Methods of Using Computer Forensics Techniques for Computer Crime Analysis and Investigation. Issues in Information System 5(2). 2004.","key":"e_1_3_2_1_10_1"},{"unstructured":"B. Nelson A. Phillips F. Enfinger C. Steuart Guide to Computer Forensics and Investigations. Canada: Thomson Learning 2004.   B. Nelson A. Phillips F. Enfinger C. Steuart Guide to Computer Forensics and Investigations. Canada: Thomson Learning 2004.","key":"e_1_3_2_1_11_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_12_1","DOI":"10.1145\/1095810.1095820"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_13_1","DOI":"10.1007\/978-3-540-87403-4_3"},{"unstructured":"A. Walters The Volatility Framework: Volatile Memory Artifact Extraction Utility Framework November 2011 {Online} https:\/\/www.volatilesystems.com\/default\/volatility.  A. Walters The Volatility Framework: Volatile Memory Artifact Extraction Utility Framework November 2011 {Online} https:\/\/www.volatilesystems.com\/default\/volatility.","key":"e_1_3_2_1_14_1"},{"unstructured":"Volatility Windows XP SP3 Type Definitions Volatile Systems March 2012 {Online} http:\/\/code.google.com\/p\/volatilty\/source\/browse\/trunk\/volatility\/plugins\/overlays\/windows\/xp_sp3_x86_vtypes.py.  Volatility Windows XP SP3 Type Definitions Volatile Systems March 2012 {Online} http:\/\/code.google.com\/p\/volatilty\/source\/browse\/trunk\/volatility\/plugins\/overlays\/windows\/xp_sp3_x86_vtypes.py.","key":"e_1_3_2_1_15_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_16_1","DOI":"10.5555\/1496711.1496728"},{"unstructured":"AccessData FTK Imager AccessData November 2011. {Online} http:\/\/accessdata.com\/support\/adownloads.  AccessData FTK Imager AccessData November 2011. {Online} http:\/\/accessdata.com\/support\/adownloads.","key":"e_1_3_2_1_17_1"},{"unstructured":"Cyber-Software CyberGate Cyber-Software. April 2012. {Online} http:\/\/www.cyber-software.org\/site\/?p=490.  Cyber-Software CyberGate Cyber-Software. April 2012. {Online} http:\/\/www.cyber-software.org\/site\/?p=490.","key":"e_1_3_2_1_18_1"},{"unstructured":"Armadax Software Armadax Keylogger Armadax Software 2012. {Online} http:\/\/www.armadax.com\/keylogger\/.  Armadax Software Armadax Keylogger Armadax Software 2012. {Online} http:\/\/www.armadax.com\/keylogger\/.","key":"e_1_3_2_1_19_1"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_20_1","DOI":"10.1109\/SP.2011.11"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_21_1","DOI":"10.1145\/1655148.1655150"},{"doi-asserted-by":"publisher","key":"e_1_3_2_1_22_1","DOI":"10.1145\/2184512.2184518"}],"event":{"sponsor":["ACM Association for Computing Machinery"],"acronym":"ACM SE'13","name":"ACM SE'13: ACM Southeast Regional 2013","location":"Savannah Georgia"},"container-title":["Proceedings of the 51st ACM Southeast Conference"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2498328.2500078","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2498328.2500078","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T07:28:56Z","timestamp":1750231736000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2498328.2500078"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,4,4]]},"references-count":21,"alternative-id":["10.1145\/2498328.2500078","10.1145\/2498328"],"URL":"https:\/\/doi.org\/10.1145\/2498328.2500078","relation":{},"subject":[],"published":{"date-parts":[[2013,4,4]]},"assertion":[{"value":"2013-04-04","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}