악성코드 탐지를 위한 물리 메모리 분석 기술
|
|
Kang, YoungBok
(전남대학교 정보보안협동과정)
Hwang, Hyunuk (ETRI 부설연구소) Kim, Kibom (ETRI 부설연구소) Sohn, Kiwook (ETRI 부설연구소) Noh, Bongnam (전남대학교 전자컴퓨터공학부) |
| 1 | Michael Hale Ligh, Steven Adair, Blake Hartstein, Mathew Richard, "Malware Analyst's Cookbook and DVD", 에이콘 출판사, pp.715-749, May 2012. |
| 2 | Mariusz Burdach, "Finding Digital Evidence In Physical Memory", Black Hat USA, Feb 2006. |
| 3 | Volatility, https://code.google.com/p/volatility/wiki /CommandReference23#kdbgscan, 2013. |
| 4 | James Okolica, Gilbert L. Peterson, "Windows operating systems agnostic memory analysis", DIGITAL INVESTIGATION 7, pp.48-56, May 2010. DOI |
| 5 | Brendan Dolan-Gavitt, "The VAD tree: A process- eye view of physical memory", DIGITAL INVESTIGATION S4, pp.62-64, Jun 2007. |
| 6 | Raashid Bhat, "Code Injectin on Window", Strudent Computer Security 2BE, Sep 2011. |
| 7 | Elia Floio, "When Malware Meets Rootkits", Symantect Security Response, 2005. |
| 8 | Muteb Alzaidi, Ahmed Alasiri, "The Study of SSDT Hook through Comparative Analysis between Live Response and Memory Image", Master of Information Systems Security Research 2012 Convocation, 2013. |
| 9 | Volatility, https://code.google.com/p/volatility/, 2013. |
| 10 | HBGary, http://hbgary.com/products/responder_pro, 2013. |
| 11 | MANDIANT Redline, http://www.mandiant.com/ resources/download/redline, 2013. |
| 12 | MANDIANT Redline, "Redline User Guide", MANDIANT, 2012. |
| 13 | Michael J. Graven, "Finding Evil In Memory", Ninjacon 11, Jun 2011. |
 |
Korea Institute of Science and Technology Information
Gwahangno, Yuseong-gu, Daejeon, 305-806, Korea TEL : +82-42-869-1752
Copyright (c) 2009 KISTI. All Rights Reserved. For more information mail to
webmaster
