Coursera Cuts Jobs Despite $100M Revenue Milestone

Hiding Process Memory via Anti-Forensic Techniques

Hiding Process Memory via Anti-Forensic Techniques

Black Hat via YouTube Direct link

Test environment

18 of 26
Previous
Next

18 of 26

Test environment

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Hiding Process Memory via Anti-Forensic Techniques

Automatically move to the next video in the Classroom when playback concludes
  1. 1 Intro
  2. 2 Agenda
  3. 3 Introduction
  4. 4 Process Address Space
  5. 5 Paging
  6. 6 Overview
  7. 7 PTE Subversions
  8. 8 PTE Remapping
  9. 9 PTE Erasure
  10. 10 Evaluation - Memory Forensics
  11. 11 Evaluation - Live Forensics
  12. 12 Considerations
  13. 13 Modified PFN Remapping on Windows
  14. 14 MAS Remapping Detection
  15. 15 PTE Subversion Detection - Windows
  16. 16 PTE Subversion Detection - Linux
  17. 17 Shared Memory Subversion Detection
  18. 18 Test environment
  19. 19 Detection Evaluation - Windows
  20. 20 Detection Evaluation - Linux
  21. 21 False Positives - Windows
  22. 22 False Positives - Linux
  23. 23 Comparison - Attacker's Point of View
  24. 24 Conclusion
  25. 25 Limitations
  26. 26 Future Work

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.