This paper gives an overview of all known “live” memory collection techniques on a Windows system, and of freely available memory analysis tools. Limitations and known anti-collection techniques will also be reviewed. Analysis techniques will be illustrated through some practical examples, drawn from past forensics challenges. This paper is forensics-oriented, but the information provided will also be of interest to malware analysts fighting against stealth rootkits.