Abstract
Forensics from volatile memory plays an important role in the investigation of cyber crime. The acquisition of RAM Memory or other terms of RAM dump can assist forensic investigators in retrieving much of the information related to crime. There are various tools available for RAM analysis including Volatility, which currently dominates open source forensic RAM tools. It has happened that many forensic investigators are thinking that they probably have malware in the RAM dump. And, if they do exist, they're still not very capable Malware Analysts, so it's hard for them to analyze the possibilities of malware in a RAM dump. The availability of tools such as Volatility allows forensic investigators to identify and link the various components to conclude whether the crime was committed using malware or not. However, the use of volatility requires knowledge of basic commands as well as static malware analysis. This work is done to assist forensic investigators in detecting and analyzing possible malware from dump RAM. This work is based on the volatility framework and the result is a Forensic tool for analyzing RAM dumps and detecting possible malware in it using machine learning algorithms in order to detect offline (not connected to the internet)
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
