Building stack traces from memory dump of Windows x64
Digital Investigation, pp. S101-S110, 2018.
Stack traces play an important role in memory forensics as well as program debugging. This is because stack traces provide a history of executed code in a malware-infected host, and this history could become a clue for forensic analysts to uncover the cause of an incident, i.e., what malware has actually done on the host. Nevertheless, ex...