Stack Forensics Based on Meta Data and Instruction Flow of 64-bit Windows

To solve the omission in the stack forensics built without stack frame pointers and debugging symbols and the misstatement in the stack forensics built without meta data by the existing tools for dump files containing malicious processes in a 64-bit Windows environment, a method to trace stacks from...

Bibliographic Details
Main Authors: ZHAI Ji-qiang, XU Xiao, CHEN Pan, YANG Hai-Lu
Format: Article
Language: zho
Published: Harbin University of Science and Technology Publications 2021-10-01
Series: Journal of Harbin University of Science and Technology
Online Access: https://hlgxb.hrbust.edu.cn/#/digest?ArticleID=2015