Date of Award
Summer 8-2015
Degree Type
Thesis-Restricted
Degree Name
M.S.
Degree Program
Computer Science
Department
Computer Science
Major Professor
Richard, Golden
Second Advisor
Tu, Shengru
Third Advisor
Ahmed, Irfan
Abstract
Digital forensics is the investigation and recovery of data from digital hardware. The field has grown in recent years to include support for operating systems such as Windows, Linux and Mac OS X. However, little to no support has been provided for less well-known systems such as the FreeBSD operating system.
The project presented in this paper focuses on creating the foundational support for FreeBSD via Volatility, a leading forensic tool in the digital forensic community. The kernel and source code for FreeBSD were studied to understand how to recover various data from analysis of a given system’s memory image. This paper will focus on the base Volatility support that was implemented, as well as the additional plugins created to recover desired data, including but not limited to the retrieval of a system’s process list and mounted file systems.
Recommended Citation
Bond, Elyse, "Creating Volatility Support for FreeBSD" (2015). University of New Orleans Theses and Dissertations. 2033.
https://scholarworks.uno.edu/td/2033
Rights
The University of New Orleans and its agents retain the non-exclusive license to archive and make accessible this dissertation or thesis in whole or in part in all forms of media, now or hereafter known. The author retains all other ownership rights to the copyright of the thesis or dissertation.