Saturday, May 29, 2010

Detecting Rootkits in Memory Dumps

About the presentation

I am going to talk about different techniques to dump the memory of a system and how to analyze the resulting dump, looking for the presence of a kernel-level rootkit.

60 minutes

  • usually takes hours to explain

High technical level

  • Hopefully comprehensive

Agenda

  • What is a rootkit?
  • Dumping the memory
  • How to analyze a memory dump?
  • Different rootkit techniques and how we detect them

Read more: Google docs

Posted via email from jasper22's posterous