
Malware memory analysis for non-specialists : investigating publicly available memory image Ozapftis (R2D2)

Author: Richard Carbone; Canada.
Publisher: [Place of publication not identified] : Defence Research and Development Canada, 2013.
Edition/Format: eBook : Document : English

Details

Genre/Form: Electronic books
Material Type: Document, Internet resource
Document Type: Internet Resource, Computer File
All Authors / Contributors: Richard Carbone; Canada.
OCLC Number: 961866806
Notes: Title from content provider.
Description: 1 online resource
Responsibility: Carbone, Richard.

Abstract:

This technical memorandum examines how an investigator can analyse an infected Windows memory dump. The author investigates how to carry out such an analysis using Volatility and other investigative tools, including data carving utilities and anti-virus scanners. Volatility is a popular and evolving open source-based memory analysis framework upon which the author has proposed a memory-specific methodology for aiding fellow novice memory analysts. The author examines how Volatility can be used to find evidence and indicators of infection. This technical memorandum is the third in a series concerning Windows malware-based memory analysis. This current work examines the 0zapftis (R2D2) infected memory image.


Linked Data


Primary Entity

<http://www.worldcat.org/oclc/961866806> # Malware memory analysis for non-specialists : investigating publicly available memory image Ozapftis (R2D2)
    a schema:Book, schema:CreativeWork, schema:MediaObject ;
    library:oclcnum "961866806" ;
    library:placeOfPublication <http://experiment.worldcat.org/entity/work/data/2833855627#Place/place_of_publication_not_identified> ; # Place of publication not identified
    schema:bookFormat schema:EBook ;
    schema:contributor <http://experiment.worldcat.org/entity/work/data/2833855627#Organization/canada> ; # Canada.
    schema:creator <http://experiment.worldcat.org/entity/work/data/2833855627#Person/carbone_richard> ; # Richard Carbone
    schema:datePublished "2013" ;
    schema:description "This technical memorandum examines how an investigator can analyse an infected Windows memory dump. The author investigates how to carry out such an analysis using Volatility and other investigative tools, including data carving utilities and anti-virus scanners. Volatility is a popular and evolving open source-based memory analysis framework upon which the author has proposed a memory-specific methodology for aiding fellow novice memory analysts. The author examines how Volatility can be used to find evidence and indicators of infection. This technical memorandum is the third in a series concerning Windows malware-based memory analysis. This current work examines the 0zapftis (R2D2) infected memory image."@en ;
    schema:exampleOfWork <http://worldcat.org/entity/work/id/2833855627> ;
    schema:genre "Electronic books"@en ;
    schema:inLanguage "en" ;
    schema:name "Malware memory analysis for non-specialists : investigating publicly available memory image Ozapftis (R2D2)"@en ;
    schema:productID "961866806" ;
    schema:publication <http://www.worldcat.org/title/-/oclc/961866806#PublicationEvent/place_of_publication_not_identified_defence_research_and_development_canada_2013> ;
    schema:publisher <http://experiment.worldcat.org/entity/work/data/2833855627#Agent/defence_research_and_development_canada> ; # Defence Research and Development Canada
    schema:url <http://publications.gc.ca/collections/collection_2016/rddc-drdc/D68-6-177-2013-eng.pdf> ;
    schema:url <http://oaresource.library.carleton.ca/wcl/2016/20160725/D68-6-177-2013-eng.pdf> ;
    wdrs:describedby <http://www.worldcat.org/title/-/oclc/961866806> ;
    .


Related Entities

<http://experiment.worldcat.org/entity/work/data/2833855627#Agent/defence_research_and_development_canada> # Defence Research and Development Canada
    a bgn:Agent ;
    schema:name "Defence Research and Development Canada" ;
    .

<http://experiment.worldcat.org/entity/work/data/2833855627#Person/carbone_richard> # Richard Carbone
    a schema:Person ;
    schema:familyName "Carbone" ;
    schema:givenName "Richard" ;
    schema:name "Richard Carbone" ;
    .

<http://experiment.worldcat.org/entity/work/data/2833855627#Place/place_of_publication_not_identified> # Place of publication not identified
    a schema:Place ;
    schema:name "Place of publication not identified" ;
    .

<http://www.worldcat.org/title/-/oclc/961866806>
    a genont:InformationResource, genont:ContentTypeGenericResource ;
    schema:about <http://www.worldcat.org/oclc/961866806> ; # Malware memory analysis for non-specialists : investigating publicly available memory image Ozapftis (R2D2)
    schema:dateModified "2018-07-13" ;
    void:inDataset <http://purl.oclc.org/dataset/WorldCat> ;
    .

