Cyber attacks and cybercrimes that run stealthy in computer memory make the traditional file system-based computer forensics tasks difficult to be carried out effectively, and thus become a serious security threat. As an important branch of computer forensics, memory forensics is an effective way to combat evasive cyber attacks and cybercrimes. It extracts the evidence of cyber attacks and cybercrimes by comprehensively obtaining and analyzing memory data left by attackers. In recent years, the memory forensics which has drawn sustained attention of the security community, and undergone rapid development with wide range of applications, plays an irreplaceable role in the network incident response and cybercrime investigations. This paper first reviews the origin and evolution processes of memory forensics research, followed by introduction of the key mechanism of operating system memory management. It then explores the memory data acquisition and analysis methods, and summarizes the latest memory forensics technology. The paper concludes with a discussion of the existing problems of current memory forensics, and outlook of the trends and further research directions of memory forensics.