9004 Problems of information security. Computer systems Проблемы информационной безопасности. Компьютерные системы 2071-8217 5 10.48612/jisp/k8d8-uu31-54za Ways to obtain evidential information from a computer using Open Source Способы получения доказательной информации с компьютера средствами Open Sourсe 0000-0002-6419-0072 Tatarnikova Tatiana Tm-tatarn@yandex.ru 0000-0001-6289-3295 57200960264 Sikarev Igor sikarev@yandex.ru Rychikhin Daniil St. Petersburg State University of Aerospace Instrumentation Russian State Hydrometeorological University 20 09 2024 3 58 68

The current task of obtaining evidentiary information as a direction for the development of digital forensics is considered. The procedure for collecting evidentiary information from computer storage devices is given, including the basic requirements for collecting evidence, its safety and ensuring integrity. An overview of methods for obtaining evidentiary information from a computer is given, among which an accessible and effective method is highlighted using Open Source software to form a snapshot of RAM. The results of an experiment to study the possibility of obtaining and analyzing a snapshot of a computer's RAM using Open Source tools are presented and approximate information is determined that can be obtained when using them in the interests of computer technical expertise

 digital forensics evidentiary information obtained from a computer the procedure for collecting evidentiary information methods for obtaining evidentiary information an experiment on obtaining evidentiary information from a computer