MemCatcher: An In-Depth Analysis Approach to Detect In-Memory Malware (open access)
- Authors
- Rai, Andri; Im, Eul Gyu
- Issue Date
- Nov-2025
- Publisher
- MDPI
- Keywords
- malware detection; malware analysis; in-memory malware; malicious services; windows security
- Citation
- Applied Sciences-basel, v.15, no.21, pp 1 - 24
- Pages
- 24
- Indexed
- SCIE; SCOPUS
- Journal Title
- Applied Sciences-basel
- Volume
- 15
- Number
- 21
- Start Page
- 1
- End Page
- 24
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/209405
- DOI
- 10.3390/app152111800
- ISSN
- 2076-3417
- Abstract
- Recent advancements in cyber threats have led to increasingly sophisticated attack methods that evade traditional malware detection systems. In-memory malware, a particularly challenging variant, operates by modifying volatile memory, leaving minimal traces on secondary storage. This paper presents an in-depth analysis of in-memory malware characteristics, behavior, and evasion strategies. We propose "MemCatcher", a novel detection algorithm that integrates real-time system activity monitoring and memory analysis to effectively identify these threats on a Windows 10 system. Experimental validation using real-world and synthetic in-memory malware samples demonstrates the effectiveness of our approach. Additionally, we analyze evasion tactics using "Volatility3" and "PEview", providing insights into countermeasures. Future work will focus on enhancing in-memory malware detection using "Processor-in-Memory (PIM) hardware".
- Appears in Collections
- Seoul College of Engineering > Seoul School of Computer Software > 1. Journal Articles

Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.