News / Events

DFIR Stream 0x8 

"Malware Detection in Memory Forensics: Open Challenges and Issues

by Dr. Ricardo J. Rodríguez, University of Zaragoza.

Abstract: Memory forensics is one of the steps of computer forensics, related to the analysis of digital evidence collected from the memory of the system under analysis after a computer incident. Memory forensics can be useful for recovering encryption keys, fileless malware, or (some) packed malware samples. This talk will cover the malware analysis process applied to memory forensic science and the current problems and open challenges faced during this process, presenting the latest advances made by his research group in this area. In particular, Dr. Rodríguez will show how the memory acquisition and analysis process is performed on a memory dump, ending with the extraction of a suspicious artifact for malware analysis, and how the tools they have developed can help digital forensic investigators during the analysis process.

About the Speaker

Dr. Ricardo J. Rodríguez received M.S. and Ph.D. degrees in computer science from the University of Zaragoza, Spain, in 2010 and 2013, respectively. He is currently an Associate Professor at the University of Zaragoza, Spain. 

Dr. Rodríguez is part of the Distributed Computing Research Group at the University of Zaragoza, and he is a member of the Aragon Institute of Engineering Research. In particular, he is the leader of a research line devoted to computer security and the application of formal models to cybersecurity. Under this research line, he has created the RME-DisCo research group at the University of Zaragoza, which is dedicated to software and systems security.

Dr. Rodríguez's research interests include performance and dependability system analysis, network and memory forensics, and program binary analysis. He has participated as a speaker (and trainer) in several security conferences, such as NoConName, Hack.LU, RootedCON, Hack in Paris, MalCON, and Hack in the Box Amsterdam, among others.

Date and Time: Tuesday, May 7. 1:30 – 2:30 pm (GMT+00:00) United Kingdom Time

Location:  Online (Pre-Registration is Required to Obtain the Meeting Link)

Event Registration Link:  https://forms.gle/k6sQdbkMHGfEhZ5C7 

Online Registration Ends May 05 at 04:00 PM (GMT+00:00) United Kingdom Time

Visit Us On Social Media:

Subscribe to our Facebook Group
Follow Us On Twitter
Like our Facebook Page