Analyzing Malware Based on Volatile Memory
To explain the need for a comprehensive and automatic analysis process for volatile memory, this paper summarizes common analysis methods and the points they share, especially with regard to the data sources they examine. Then, the memory analysis framework volatility-2.2 and statistics on output file size are recommended. In addition, to address the limitations of plug-in classification in the analysis procedure, a classification from the user's perspective is necessary and is proposed. Furthermore, based on differences in target data source and on the volume of the result data set, the relational method employed is introduced as a guideline procedure for comprehensive analysis.