| ID Code |
: |
CSC 0010 |
| Title |
: |
Holistic Approach for Memory Analysis in Windows System |
| Author/s |
: |
Khairul Akram Zainol Ariffin
Ahmad Kamil Mahmood
Jafrezal Jaafar
Dr Solahuddin Shamsuddin |
| Abstract |
: |
Research on computer memory analysis has been quite intensive in the past years. A number of tools and techniques have been designed and developed to retrieve critical information from the computer memory. However, most of the tools and techniques have their limitation in the ability to retrieve important information. Hence, in the present study, an alternative approach is proposed to combine the process signature search with page table tracking in order to trace all objects that link with the process block. The result from the experiment shows that the new approach is able to retrieve a large number of objects that link with the process block. A good comparison with the previous studies is conducted as to test the efficiency of the new approach. |
| Publication |
: |
Information Systems International Conference 2013 |
| Year Published |
: |
2013|687-693|Conference Proceeding |
| PDF / Official URL |
: |
PDF |
