OMFW: Towards Automated Generation of Memory Forensic Tools
As many of you already know, we sent out the registration confirmations earlier this week. If you are still interested in attending, please send me a note and I will add you to the waiting list, which will be serviced on a FIFO basis.
I’m pleased to announce another exciting presentation which will be delivered at OMFW 2011, “Towards Automated Generation of Memory Forensic Tools” by Brendan Dolan-Gavitt (Moyix). If you have been following the memory analysis community, you know that Moyix has been doing amazing research and has been responsible for a number of innovative advancements in the field. Since most of this work has been built on top of Volatility, it has been immediately accessible to investigators in the field. In this presentation, Moyix will discuss the research he recently published at the nation’s top information security conference, IEEE S&P. He will also give a demonstration that will leave you in amazement.
Abstract:
Currently, creating memory forensic tools is a difficult task, which
requires deep knowledge of the operating system you wish to examine. In
this talk, I will present new research that aims to automate this
process, allowing memory forensic tools to be developed with the same
ease as live analysis tools. This will also make it much simpler to
support analysis of new operating systems, a point which I will
demonstrate by automatically generating the first memory analysis tools
for the Haiku operating system.