Article ID | Journal | Published Year | Pages | File Type |
---|---|---|---|---|
10342406 | Digital Investigation | 2015 | 9 Pages |
Abstract
For each new rootkit detection technique we propose, a Volatility plugin was developed. Volatility is currently by far the most popular memory forensics framework in incident response and malware analysis, and by incorporating our work into Volatility, it can become immediately useful to the community. The paper concludes with an evaluation of the plugins, to illustrate their usefulness.
Related Topics
Physical Sciences and Engineering
Computer Science
Computer Networks and Communications
Authors
Andrew Case, Golden G. III,