Abstract: Kernel-level attacks are a serious threat to the integrity and security of operating systems. Existing kernel integrity measurement methods are one-sided in their choice of measurement objects, and most of them rely on periodic detection, a shortcoming that leaves them vulnerable to TOC-TOU (time-of-check to time-of-use) attacks. Besides, hardware-based kernel integrity measurement methods are usually too expensive, while hypervisor-based methods tend to degrade system performance because they introduce complex VMMs. To address these problems, this study proposes a kernel integrity measurement approach based on memory forensics techniques (KIMBMF). First, the static and dynamic measurement objects are extracted with memory forensics techniques, and a time-randomization algorithm is presented to reduce the impact of TOC-TOU attacks. At the same time, a novel algorithm combining hash operations with cryptographic operations is introduced to secure the measurement process. Next, a kernel integrity measurement prototype is implemented using these techniques and algorithms, and its effectiveness and overhead are evaluated. Experimental results show that KIMBMF can measure the integrity of the operating system effectively and has a reasonable time overhead.
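The following is an added illustration, not the paper's own code or algorithm, of the two ideas the abstract names: a fixed-period measurer can be evaded by an attacker who restores a tampered object just before each expected check, whereas randomized measurement times catch it, and binding each hash to a secret key keeps the measurement record from being forged by code that can only read memory. The measurement object, the attacker model, the key and the schedule parameters are all constructed for the example.

```python
import hashlib
import hmac
import random

# Constructed stand-in for a static measurement object (e.g. a system-call table image).
CLEAN_OBJECT = b"sys_call_table: read write open close"
TAMPERED_OBJECT = CLEAN_OBJECT + b" hooked_entry"


def keyed_measurement(obj: bytes, key: bytes) -> bytes:
    """Hash the object, then bind the digest to a secret key so a forged
    measurement record cannot be produced by someone who only reads memory."""
    digest = hashlib.sha256(obj).digest()
    return hmac.new(key, digest, hashlib.sha256).digest()


class WindowAttacker:
    """Assumed TOC-TOU model: the object is tampered with, but is restored to
    its clean state at the ticks where a fixed-period measurer is expected."""

    def __init__(self, expected_period: int):
        self.expected_period = expected_period

    def object_at(self, t: int) -> bytes:
        return CLEAN_OBJECT if t % self.expected_period == 0 else TAMPERED_OBJECT


def fixed_schedule(period: int, count: int) -> list:
    """Measurement ticks at exact multiples of the period (the evadable case)."""
    return [i * period for i in range(count)]


def random_schedule(period: int, count: int, seed: int) -> list:
    """Same mean rate as fixed_schedule, but each gap is drawn at random."""
    rng = random.Random(seed)  # seeded only so the example is reproducible
    t, ticks = 0, []
    for _ in range(count):
        ticks.append(t)
        t += rng.randint(1, 2 * period - 1)
    return ticks


def count_detections(schedule, attacker: WindowAttacker, key: bytes) -> int:
    """Number of measurements whose keyed digest differs from the clean baseline."""
    baseline = keyed_measurement(CLEAN_OBJECT, key)
    return sum(1 for t in schedule
               if not hmac.compare_digest(keyed_measurement(attacker.object_at(t), key), baseline))


if __name__ == "__main__":
    key = b"constructed-measurement-key"  # placeholder; a real design would protect this key
    attacker = WindowAttacker(expected_period=10)
    print("fixed-period detections: ", count_detections(fixed_schedule(10, 20), attacker, key))
    print("randomized detections:   ", count_detections(random_schedule(10, 20, 7), attacker, key))
```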