Dynamic malware analysis in the modern era—A state of the art survey
Although malicious software (malware) has been around since the early days of computers,
the sophistication and innovation of malware has increased over the years. In particular, the …
A universal taxonomy and survey of forensic memory acquisition techniques
T Latzo, R Palutke, F Freiling - Digital Investigation, 2019 - Elsevier
Main memory analysis plays an increasingly important role in today's digital forensic
analysis. It can be used to retrieve encryption keys or to analyze malware that solely resides …
A lightweight live memory forensic approach based on hardware virtualization
The results of memory forensics can not only be used as evidence in court but are also
beneficial for analyzing vulnerability and improving security. Thus, memory forensics has …
The evolution of volatile memory forensics
H Nyholm, K Monteith, S Lyles, M Gallegos… - … of Cybersecurity and …, 2022 - mdpi.com
The collection and analysis of volatile memory is a vibrant area of research in the
cybersecurity community. The ever-evolving and growing threat landscape is trending …
Acquisition and analysis of compromised firmware using memory forensics
J Stüttgen, S Vömel, M Denzel - Digital Investigation, 2015 - Elsevier
To a great degree, research in memory forensics concentrates on the acquisition and
analysis of kernel- and user-space software from physical memory to date. With the system …
Evaluating atomicity, and integrity of correct memory acquisition methods
M Gruhn, FC Freiling - Digital Investigation, 2016 - Elsevier
With increased use of forensic memory analysis, the soundness of memory acquisition
becomes more important. We therefore present a black box analysis technique in which …
An evaluation platform for forensic memory acquisition software
S Vömel, J Stüttgen - Digital Investigation, 2013 - Elsevier
Memory forensics has gradually moved into the focus of researchers and practitioners alike
in recent years. With an increasing effort to extract valuable information from a snapshot of a …
Defining atomicity (and integrity) for snapshots of storage in forensic computing
J Ottmann, F Breitinger, F Freiling - Forensic Science International: Digital …, 2022 - dfrws.org
The acquisition of data from main memory or from hard disk storage is usually one of the first
steps in a forensic investigation. We revisit the discussion on quality criteria for “forensically …
Applying memory forensics to rootkit detection
I Korkin, I Nesterov - arXiv preprint arXiv:1506.04129, 2015 - arxiv.org
Volatile memory dump and its analysis is an essential part of digital forensics. Among a
number of various software and hardware approaches for memory dumping there are …
Malware resistant data protection in hyper-connected networks: A survey
Data protection is the process of securing sensitive information from being corrupted,
compromised, or lost. A hyperconnected network, on the other hand, is a computer …