Memory forensics is a crucial aspect of digital forensic investigations as it encompasses the analysis of volatile memory to extract valuable information pertinent to forensic cases. Volatile memory, such as RAM, contains data that reflects the real-time state of a system, including ongoing processes, network connections, and loaded modules among others. This thesis aims to extensively explore, evaluate, and enhance existing techniques and tools utilized for analyzing volatile memory in modern computing environments.
This project can focus on all or some of the follwing tasks:
- To critically evaluate existing techniques and tools for memory forensics.
- To develop or improve methodologies and tools for more effective analysis of volatile memory.
- To explore the potential of emerging technologies in advancing memory forensics.
- Designing and developing improved or new techniques and tools for memory forensics.
- Validation and testing of developed or improved methodologies and tools in real-world
- Detailed analysis of the evaluation and benchmarking results.
- Discussion on the effectiveness of developed or improved techniques and tools.