Antonio Savoldi

Learn More
The aim of this paper is to present a new tool, the Page-file Collection Tool (PCT), which can be used to obtain a pagefile on a live Windows based system. It is a known fact that a pagefile on a live system is protected by the operating system, which uses it in the virtual memory context. By using the NTFS filesystem specifications we were able to(More)
The aim of this paper is to describe a new open source tool, usable on Windows and Linux platform, for digital evidence extraction from SIMs and USIMs card. Nowadays, closed-source or confidential tools are used for this purpose and this is contrary to Daubert's test, because, it is not possible to gain the high degree of acceptability from scientific(More)
The Linux operating system has been used as a server system in plenty of business services worldwide. Nowadays, a lot of incident response approaches on such kind of platform have been established by many researchers active in the computer forensic discipline. Interestingly, many frameworks about how to deal with a live digital investigation on a Linux(More)
The aim of this paper is to demonstrate the usefulness of the pagefile in a live forensic context. The forensic science is striving to find new methodologies to analyze the massive quantity of data normally present in a medium-sized workstation, which can have up to several terabytes of storage devices. As a result, the live forensic approach seems to be(More)
This paper aims at unveiling the real and complete structure of the Symbian S60 v3 (third edition) platform filesystem, which is considered one of the most secure and armored systems issued by Symbian Ltd. in the last two years. By analyzing the unique features of security, which have been applied at the filesystem level, it will become clear how to develop(More)