VMMF: Virtual Machine Memory Forensics Based on Event Trigger Mechanism

Android Malware Analysis Based On Memory Forensics

Live forensics solutions have long been proven powerful in various research fields. The rise of mobile platforms has created numerous new challenges for the researchers. The adoption of the widely used technologies of the traditional PC environment has limitations due to the lack of wider control over the mobile operating system. In this paper we present a new malware analysis solution for the ...

Windows Volatile Memory Forensics Based on Correlation Analysis

In this paper, we present an integrated memory forensic solution for multiple Windows memory images. By calculation, the method can find out the correlation degree among the processes of volatile memory images and the hidden clues behind the events of computers, which is usually difficult to be obtained and easily ignored by analyzing one single memory image and forensic investigators. In order...

Building Chinese Event Type Paradigm Based on Trigger Clustering

Traditional Event Extraction mainly focuses on event type identification and event participants extraction based on pre-specified event type annotations. However, different domains have different event type paradigms. When transferring to a new domain, we have to build a new event type paradigm. It is a costly task to discover and annotate event types manually. To address this problem, this pap...

A Virtual Machine Data Communication Mechanism on Openstack

Privacy-preserving virtual machine checkpointing mechanism

Virtual Machines (VMs) have been widely adopted in cloud platforms to improve server consolidation and reduce operating costs. VM checkpointing is used to capture a persistent snapshot of a running VM and to later restore the VM to a previous state. Although VM checkpointing eases system administration, such as in recovering from a VM crash or undoing a previous VM activity, it can also increas...