MemCatcher: An In-Depth Analysis Approach to Detect In-Memory Malware
| DC Field | Value | Language |
|---|---|---|
| dc.contributor.author | Rai, Andri | - |
| dc.contributor.author | Im, Eul Gyu | - |
| dc.date.accessioned | 2025-12-01T08:00:34Z | - |
| dc.date.available | 2025-12-01T08:00:34Z | - |
| dc.date.issued | 2025-11 | - |
| dc.identifier.issn | 2076-3417 | - |
| dc.identifier.uri | https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/209405 | - |
| dc.description.abstract | Recent advancements in cyber threats have led to increasingly sophisticated attack methods that evade traditional malware detection systems. In-memory malware, a particularly challenging variant, operates by modifying volatile memory, leaving minimal traces on secondary storage. This paper presents an in-depth analysis of in-memory malware characteristics, behavior, and evasion strategies. We propose "MemCatcher", a novel detection algorithm that integrates real-time system activity monitoring and memory analysis to effectively identify these threats from the Windows 10 system. Experimental validation using real-world and synthetic in-memory malware samples demonstrates the effectiveness of our approach. Additionally, we analyze evasion tactics using "Volatility3" and "PEview", providing insights into countermeasures. Future work will focus on enhancing in-memory malware detection using "Processor-in-Memory (PIM) hardware". | - |
| dc.format.extent | 24 | - |
| dc.language | English | - |
| dc.language.iso | ENG | - |
| dc.publisher | MDPI | - |
| dc.title | MemCatcher: An In-Depth Analysis Approach to Detect In-Memory Malware | - |
| dc.type | Article | - |
| dc.publisher.location | Switzerland | - |
| dc.identifier.doi | 10.3390/app152111800 | - |
| dc.identifier.scopusid | 2-s2.0-105021466426 | - |
| dc.identifier.wosid | 001612464900001 | - |
| dc.identifier.bibliographicCitation | Applied Sciences-basel, v.15, no.21, pp 1 - 24 | - |
| dc.citation.title | Applied Sciences-basel | - |
| dc.citation.volume | 15 | - |
| dc.citation.number | 21 | - |
| dc.citation.startPage | 1 | - |
| dc.citation.endPage | 24 | - |
| dc.type.docType | Article | - |
| dc.description.isOpenAccess | Y | - |
| dc.description.journalRegisteredClass | scie | - |
| dc.description.journalRegisteredClass | scopus | - |
| dc.relation.journalResearchArea | Chemistry | - |
| dc.relation.journalResearchArea | Engineering | - |
| dc.relation.journalResearchArea | Materials Science | - |
| dc.relation.journalResearchArea | Physics | - |
| dc.relation.journalWebOfScienceCategory | Chemistry, Multidisciplinary | - |
| dc.relation.journalWebOfScienceCategory | Engineering, Multidisciplinary | - |
| dc.relation.journalWebOfScienceCategory | Materials Science, Multidisciplinary | - |
| dc.relation.journalWebOfScienceCategory | Physics, Applied | - |
| dc.subject.keywordPlus | FORENSICS | - |
| dc.subject.keywordAuthor | malware detection | - |
| dc.subject.keywordAuthor | malware analysis | - |
| dc.subject.keywordAuthor | in-memory malware | - |
| dc.subject.keywordAuthor | malicious services | - |
| dc.subject.keywordAuthor | windows security | - |
| dc.identifier.url | https://www.mdpi.com/2076-3417/15/21/11800 | - |
