Reading the contents of deleted and modified files in the virtualization based black-box binary analysis system Drakvuf

The article discusses ways to obtain the contents of files that are modified during processing in the well-known open-source dynamic analysis environment Drakvuf. Drakvuf initially implemented file-saving functionality based on undocumented mechanisms for working with the system cache....

Bibliographic Details
Published in: Труды Института системного программирования РАН
Main Author: S. G. Kovalev
Format: Article
Language: English
Published: Russian Academy of Sciences, Ivannikov Institute for System Programming 2018-12-01
Subjects:
Online Access: https://ispranproceedings.elpub.ru/jour/article/view/1108