
dc.contributor.author: Prottoy, Rafid Asrar
dc.date.accessioned: 2023-08-01T04:44:03Z
dc.date.available: 2023-08-01T04:44:03Z
dc.date.issued: 2023-07-31
dc.identifier.uri: http://dspace.uiu.ac.bd/handle/52243/2835
dc.description.abstract: With the change of era, the growing dependency on computers and the Internet goes without saying. Memory is a very important part of a computer that holds the data the processor uses. Because the data of the processes running on the CPU is stored in memory, capturing and preserving memory contents is very important for detecting malicious activities. If the memory is volatile, as RAM is, data can easily be lost through overwriting or power failure. So, creating a memory dump from volatile and secondary memory is invaluable for memory forensics and for identifying different malicious activities in a forensic investigation. Memory dump information can be used forensically to detect malicious activities within the suspected device. Nowadays, Internet usage is increasing tremendously, so people face many attacks, such as malware originating from the Internet. The attacker uses the victim's machine to execute their plan anonymously. During an investigation, there is a voluminous amount of information to examine. As malicious processes are smart enough to hide, finding them is not trivial. Investigators must relate the incident data from the memory dump information to identify the malicious activities. There are many challenges in creating the memory dump from heterogeneous types of devices and in investigating the collected memory dump if investigators do not use the right methods and tools, which enable them to create the memory dump smoothly and to identify different malicious activities in a short time. Using the right tools and frameworks at the right time, the investigation can be much more effective and faster. In traditional processes, there is no structured way to find malicious activity. So, in this project, we have proposed a method for investigating malicious activities from the captured memory dump in a more structured and efficient way and for identifying malicious activities on a suspected machine. [en_US]
dc.language.iso: en_US [en_US]
dc.publisher: UIU [en_US]
dc.title: Memory Forensics for Analyzing Malicious Activities [en_US]
dc.type: Project Report [en_US]

