Deadline for submissions is 31 August 2016.
Memory analysis is a hot research topic with wide applications on many fronts - from malware detection and analysis, to recovery of encryption keys, to user activity reconstruction. As advanced contemporary malware increasingly reduces its on-disk footprint, and adopts increasingly sophisticated host detection subversion mechanisms, memory analysis is currently mainstreaming as a valuable technique for detection and response.
While memory analysis presents many new opportunities, it also presents new complications and challenges, ranging from reliance on undocumented program internals, to atomicity of acquisition methodologies. As memory analysis becomes the status quo methodology the use of directed anti-forensics is also becoming prevalent.
This special issue of the Journal of Digital Investigation invites original research papers that report on state-of-the-art and recent advancements in this rapidly expanding area of enquiry, with a particular emphasis on novel techniques and practical applications for the forensic and incident response community.
Topics of interest include but are not limited to:
- Malware detection in memory
- Live memory analysis
- Live system introspection
- Memory acquisition
- Memory analysis of large systems
- Userspace and application specific memory analysis
- Cryptographic analysis, key recovery
- Execution history analysis
- Data fusion between memory/disk/network