The adoption of memory forensics - the art of extracting artifacts from the volatile memory of a compromised system - is spreading in cyber-security investigations. The main reason for this enthusiasm is that many artifacts cannot be found elsewhere. In this way, forensic analysts can gain the big picture of a malicious behavior. Nevertheless, memory forensics is less than two decades old: many challenges are unsolved and many questions are unanswered. This thesis gives a new perspective on three of these problems. The first contribution studies the effects of non-atomic acquisition methods. The root cause of this problem is quite straightforward to explain: while the memory is acquired, user and kernel pro...
Standard procedures in computer forensics mainly describe the acquisition and analysis of persistent...
This paper presents the method of identifying and finding forensic evidence from the volatile memory...
The rapid development in the digital world has contributed to the dramatic increase in the number of...
The growth of digital technology spawns both positive and negative effects. Cybercrimes rise with th...
The enhancement of technology has led to a considerable amount of growth in the number of cases pertaini...
Memory forensics (or memory analysis) is a relatively new approach to digital forensics that deals e...
This document presents an overview of the most common memory forensics techniques used in the acquis...
Containing most recently accessed data and information about the status of a computer system, physic...
Current threats against typical computer systems demonstrate a need for forensic analysis of memory-...
Memory forensics is a fundamental step in any security incident response process, especially in comp...
This work explores the development of MemTri, a memory forensics triage tool that can assess the lik...
The emerging techniques in volatile memory acquisition and analysis are ideally suited to malware an...
Volatile memory dump and its analysis is an essential part of digital forensics. Among a number of v...
Communication and whole-disk cryptosystems are on the verge of becoming mainstream tools for protect...
The acquisition of volatile memory of running systems has become a prominent and essential procedure...