Today we are talking about 'Robust bootstrapping memory analysis against anti-forensics' by Lee Kyoungho, Hwang Hyunuk, Kim Kibom and Noh BongNam. This paper deals with anti-forensics techniques against memory analysis, as well as the use of KiInitialPCR as a more tamper-resistant data structure for OS fingerprinting and process list extraction.

K. Lee, H. Hwang, K. Kim, and B. Noh, “Robust bootstrapping memory analysis against anti-forensics,” Digit. Investig., vol. 18, Supplement, pp. S23–S32, Aug. 2016.
