NORMA eResearch @NCI Library

A novel approach for threat detection in Windows using cache memory forensics

Yewalekar, Pushkar Ramprasad (2023) A novel approach for threat detection in Windows using cache memory forensics. Masters thesis, Dublin, National College of Ireland.

Files:
PDF (Master of Science), 963kB
PDF (Configuration manual), 625kB

Abstract

This paper presents a forensic approach focused on cache memory, which comprises volatile data containing highly sensitive information about data files. Cache memory is a mine of information for digital forensics, but it is limited by resources such as time and storage. Modern-day attacks by malicious users target such volatile memory, taking advantage of the limitations that follow from its volatile and overwriting nature. To make use of this cached data and to reconstruct events in case of a security incident, this paper implements a methodical approach that focuses the digital forensic part of the investigation on the cache data of Windows. To increase the efficiency of detecting threats that execute at run time, the novel approach combines tools, techniques, and procedures and uses key attributes of cache memory before its evasion.

An efficient methodology has been implemented to validate the proposed enhancements; it highlights the advantages of identifying critical artefacts stored in cache memory. Significantly, this study aims to improve threat detection, providing a unique perspective in digital forensics to overcome existing challenges.

Item Type: Thesis (Masters)
Supervisors: Sahni, Vikas (Email: UNSPECIFIED)
Uncontrolled Keywords: Cyber threats; Cache memory; Cache forensics; Memory acquisition & analysis; Threat detection
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 10 Jan 2025 16:26
Last Modified: 10 Jan 2025 16:26
URI: https://norma.ncirl.ie/id/eprint/7302
