Jurczyk, Kamil
Employee
inactive
Item type: Article, Access status: Open Access
Toward RAM forensics supported by machine-learning methods (Wydawnictwa AGH, 2025)
Jurczyk, Kamil; Topa, Paweł; Faber, Łukasz

In this article, we propose an enhancement to the computer forensics technique of using Machine-Learning tools to analyze the contents of RAM in order to extract information that is potentially useful during an investigation. In the specific case presented, the use of the extracted information to generate more optimal dictionaries for dictionary cryptanalysis is considered. Increasing user awareness is making cryptanalysis of passwords increasingly difficult for law enforcement. Long and complex passwords are impossible to crack – even when high-performance computing platforms are available. A sensible method of optimization is to look for hints to use a dictionary that contains text phrases more likely to be used in the specific case under attack. Such a hint could be an analysis of RAM taken from a suspect computer. Machine-learning methods can significantly facilitate this task. In this article, we also explore the effectiveness of such an approach and its usefulness in practical applications. We also consider applications of the proposed approach for other purposes, such as OSINT.
