Please use this identifier to cite or link to this item:
https://rda.sliit.lk/handle/123456789/1745
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Murthaja, M | - |
dc.contributor.author | Sahayanathan, B | - |
dc.contributor.author | Munasinghe, A. N. T. S | - |
dc.contributor.author | Uthayakumar, D | - |
dc.contributor.author | Rupasinghe, L | - |
dc.contributor.author | Senarathne, A | - |
dc.date.accessioned | 2022-03-22T10:29:32Z | - |
dc.date.available | 2022-03-22T10:29:32Z | - |
dc.date.issued | 2019-12-05 | - |
dc.identifier.citation | M. Murthaja, B. Sahayanathan, A. N. T. S. Munasinghe, D. Uthayakumar, L. Rupasinghe and A. Senarathne, "An Automated Tool for Memory Forensics," 2019 International Conference on Advancements in Computing (ICAC), 2019, pp. 1-6, doi: 10.1109/ICAC49085.2019.9103416. | en_US |
dc.identifier.isbn | 978-1-7281-4170-1 | - |
dc.identifier.uri | http://rda.sliit.lk/handle/123456789/1745 | - |
dc.description.abstract | In the present, memory forensics has captured the world's attention. Currently, the Volatility framework is used to extract artifacts from the memory dump, and the extracted artifacts are then used to investigate and to identify the malicious processes in the memory dump. The investigation process must be conducted manually, since the Volatility framework provides only the artifacts that exist in the memory dump. In this paper, we investigate the four predominant domains of registry, DLL, API calls and network connections in memory forensics to implement the system 'Malfore,' which helps automate the entire process of memory forensics. We use the Cuckoo sandbox to analyze malware samples and to obtain memory dumps, and the Volatility framework to extract artifacts from the memory dump. The finalized dataset was evaluated using several machine learning algorithms, including RNN. The highest accuracy achieved was 98%, and it was reached using a recurrent neural network model, fitted to the data extracted from the DLL artifacts, and 92% accuracy was reached using a recurrent neural network model, fitted to data extracted from the network connection artifacts. | en_US |
dc.language.iso | en | en_US |
dc.publisher | IEEE | en_US |
dc.relation.ispartofseries | 2019 International Conference on Advancements in Computing (ICAC);Pages 1-6 | - |
dc.subject | Automated Tool | en_US |
dc.subject | Memory Forensics | en_US |
dc.title | An Automated Tool for Memory Forensics | en_US |
dc.type | Article | en_US |
dc.identifier.doi | 10.1109/ICAC49085.2019.9103416 | en_US |
Appears in Collections: | 1st International Conference on Advancements in Computing (ICAC) | 2019 Research Papers - Dept of Computer Systems Engineering Research Papers - IEEE Research Papers - SLIIT Staff Publications |
Files in This Item:
File | Description | Size | Format |
---|---|---|---|
An_Automated_Tool_for_Memory_Forensics.pdf (restricted until 2050-12-31) | | 545.51 kB | Adobe PDF |