Objective
This talk gives an overview of memory analysis and demonstrates it using an open source tool called Volatility. The session will also cover the various features built into Volatility and its advantages.
Description
Memory forensics is an emerging topic in the field of digital forensics. Artifacts mined from memory are a valuable asset for any forensic investigation. This talk begins with collecting a memory dump, followed by an explanation of the artifacts and a demonstration of the various plugins available in Volatility on the collected memory dump. It will also present the various techniques and advantages of using the framework.
Session highlight:
- Introduction:
  - Need for memory forensics
  - The components we deal with
    - Processes.
    - Registry Keys.
    - Connections.
    - Logs.
    - Some Malware artifacts.
- Setting up the environment - Linux and Windows.
- Demonstration and explanation of a few plugins.
  - Process
  - Registry
  - Connections
  - Logs
  - Malware
  - Misc
- Limitations
Speaker bio
I am a Research Assistant and a Master's student in Cyber Security and Network Systems at Amrita Vishwa Vidyapeetham, Amritapuri Campus. My area of interest is Digital Forensics. I am part of the University's ethical hacking team "bi0s", which participates in Capture the Flag competitions. We are winners of the HackIM and Jailbreak'14 CTF competitions, organized by nu|c0n as part of their annual security conference.
Please provide links to your profile and slides and videos from your previous sessions; anything that'll help folks decide if they want to attend your session
I have added my blog link. Is that sufficient?