Methods and Tools for Investigating Attacks - Memory Forensics

Lixun Peng, Gabriela Mogos

Research output: Chapter in Book or Report/Conference proceeding; Conference Proceeding; peer-review


The in-memory nature of network attacks and the concealment of network crime mean that part of the key digital evidence exists only in physical memory or is temporarily stored in the page (swap) file, which traditional file-system-based computer forensics cannot deal with effectively. Memory forensics, an important supplement to traditional file-system forensics, is an important part of computer forensic science: it comprehensively acquires memory data, analyzes it in detail, and on that basis extracts digital evidence related to attacks or network crime. In recent years it has won sustained attention from the security community, developed rapidly and been widely applied, and it plays an irreplaceable role in network emergency response and network crime investigation. We motivate this research from the perspective of the key points and core elements involved in memory forensics analysis. This paper presents a comprehensive theoretical exposition and framework analysis of memory forensics, combined with the practice of specific tools.

Original language: English
Title of host publication: ICBDT 2022 - 2022 5th International Conference on Big Data Technologies
Publisher: Association for Computing Machinery
Number of pages: 6
ISBN (Electronic): 9781450396875
Publication status: Published - 23 Sept 2022
Event: 5th International Conference on Big Data Technologies, ICBDT 2022 - Virtual, Online, China
Duration: 23 Sept 2022 to 25 Sept 2022

Publication series

Name: ACM International Conference Proceeding Series


Conference: 5th International Conference on Big Data Technologies, ICBDT 2022
City: Virtual, Online


  • attacks
  • digital forensics
  • memory forensics
  • prevention
  • threats

