Using virtual machine introspection and forensic memory analysis to detect rootkits
Abstract
Virtualization has been growing in recent years due to its features. This growth
has also made security and monitoring for the virtualized environment a must.
Virtual machine introspection is a solution for this issue. On the other hand, forensic
memory analysis tools are great for examining system memory snapshots. In this
paper, we used a combination of virtual machine introspection and forensic
memory analysis to work on one small piece of the security area: rootkits.