\clearpage
% \addcontentsline{toc}{section}{\abstractname}
\begin{abstract}
% Digital forensics is the practice of extracting raw data from computers and analyzing that data to discover information or to learn about historical events that happened on the target machine. Computer forensics is increasingly popular today, when cyberattacks happen almost every day. When a cyberattack happens, we must stop the threat, but gathering information about the attack is equally important. It is surprising how much information one can learn from only a snapshot of memory, from running processes to hidden files and cryptographic keys. With high demand, people have come up with many techniques to analyze disk images, hard drives, and physical memory. No matter how good our digital forensics techniques are, they are still worse than preventing an attack from happening. Antivirus software, live reporting systems and firewalls mitigate some known attacks, but newly arising groups of malware that operate in stealth mode, such as cryptomining malware or rootkits, remain a significant threat to organizations. In this paper, we introduce a scanning system based on digital forensics to list running processes and to assist in the detection of malware.
Computers have become a tool that people around the world use daily for study, work and entertainment. With their capability to solve complex problems, they have become a necessity in our lives. The widespread use of computers also brings crime, as hackers try to damage systems or collect confidential information. Malware and attacks occur almost every day, threatening our data. While anti-virus software and firewalls cannot prevent new malware that brings new attack vectors, digital forensics acts as a post-event investigation to collect and examine evidence of the attack. Memory forensics, a branch of digital forensics, digs into an infected machine to find hidden malware and analyze its behaviour. This work is done exclusively by experts and is not available to the average user. If regular users can learn about the malware infecting their computers, we will be able to detect and prevent the possible spread of malware before the attack. Thus, we analyzed memory forensics techniques and proposed an implementation of a tool for finding hidden processes on a running machine, in the hope that this tool will run automatically and be available to regular users as well.
\end{abstract}
\clearpage