Abstract

Advanced Persistent Threat (APT) is currently reported to be one of the most serious threats. It is very important to detect the APT Trojan as early as possible. There are three types of approaches to conduct APT detection: network traffic analysis, change controlling and sandboxing. Unfortunately, all these approaches have limitations in detecting unknown APT Trojans. This paper proposes a novel APT Trojan detection method by utilizing memory forensics techniques. The proposed method first acquires the raw physical memory image from a target running system and then finds the APT’s traces in the memory image based on the ATP’s characteristics and memory forensics techniques. If enough traces are found, we can judge that there must be Trojans in the target system. Experimental results show that the proposed method can effectively detect new APT Trojans.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
Enhancement of Forensic Computing Investigations through Memory Forensic Techniques
Matthew Simon ... Jill Slay
-
Matthew Simon, et. al.Matthew Simon ... Jill Slay
01 Jan 2009
Using Memory Forensics to Analyze Programming Language Runtimes
Modhuparna Manna
-
Modhuparna MannaModhuparna Manna
10 Jun 2022
Combining Renyi Entropy and EWMA to Detect Common Attacks in Network
Ruoyu Yan
International Journal of Pattern Recognition and Artificial Intelligence | VOL. 30
Ruoyu YanRuoyu Yan
23 Nov 2016
Volatile Data Acquisition and Analysis by Using Memory Forensics Techniques
Rabia Mehmood
International Journal for Electronic Crime Investigation | VOL. 7
Rabia Mehmood Rabia Mehmood
15 Apr 2024
View more papers

More From: Applied Mechanics and Materials

Paper Title
Journal
Date
Author
Investigation of Strength Concrete Materials Using Pozzolanic Additives
Andi Yusra ... Teuku Budi Aulia
Applied Mechanics and Materials | VOL. 922
Andi Yusra, et. al.Andi Yusra ... Teuku Budi Aulia
19 Aug 2024
Finite Element Analysis and Optimization of the Piezoelectric Circular Diaphragm Energy Harvester
Van Duong Le
Applied Mechanics and Materials | VOL. 922
Van Duong LeVan Duong Le
19 Aug 2024
Thermal Analysis of Micro-Channel Internal Cooling in Cutting Tools: A Machine Learning Approach
Aman Abid ... Shahid Hussain
Applied Mechanics and Materials | VOL. 922
Aman Abid, et. al.Aman Abid ... Shahid Hussain
19 Aug 2024
Optimization of Machining Process on Coated Tungsten Carbide Electrode Tool and Titanium Alloy Workpiece Using EDM: A Critical Review
Newton Kumar Singh ... Kalakonda Saidaiah
Applied Mechanics and Materials | VOL. 922
Newton Kumar Singh, et. al.Newton Kumar Singh ... Kalakonda Saidaiah
19 Aug 2024
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.