Memory Forensics for Analyzing Malicious Activities

UIU Institutional Repository


    Memory Forensics for Analyzing Malicious Activities

    _00-Project Report Final -26 July 2023.pdf (6.128Mb)
    Date
    2023-07-31
    Author
    Prottoy, Rafid Asrar
    Abstract
    With the change of era, the growing dependency on computers and the Internet goes without saying. Memory is a very important part of a computer: it holds the data that the processor uses. Because the data of the CPU's running processes is stored in memory, capturing and preserving memory contents is very important for detecting malicious activities. If the memory is volatile, as RAM is, data can easily be lost through overwriting or power failure. So, creating a memory dump from volatile and secondary memory is invaluable for memory forensics and for identifying different malicious activities during a forensic investigation. Memory dump information can be used forensically to detect malicious activities on the suspected device. Nowadays, Internet usage is increasing tremendously, so people face many attacks, such as malware originating from the Internet. The attacker uses the victim's machine to execute their plan anonymously. During the investigation, there is a voluminous amount of information to examine. As malicious processes are smart enough to hide, finding them is not trivial. Investigators must correlate the incident data with the memory dump information to identify the malicious activities. There are many challenges in creating memory dumps from heterogeneous types of devices and in investigating the collected dumps if investigators do not use the right methods and tools, which would enable them to create the memory dump smoothly and to identify different malicious activities in a short time. Using the right tools and frameworks at the right time, the investigation can be made much more effective and faster. In traditional processes, there is no structured way to find malicious activity. So, in this project, we have proposed a method for investigating malicious activities in a more structured and efficient way from the captured memory dump and for identifying malicious activities on a suspected machine.
    URI
    http://dspace.uiu.ac.bd/handle/52243/2835
    Collections
    • M.Sc Thesis/Project [151]

    Copyright 2003-2017 United International University
    Contact Us | Send Feedback
    Developed by UIU CITS