The agenda for the 2008 DoD Cyber Crime Conference has been posted. I'll be giving a talk during the Research and Development Track at 0830 January 16, 2008. In this talk I will be discussing the latest advancements in the area of Volatile Memory Analysis and how they affect the way we perform digital investigations.
Advanced Volatile Memory Analysis
This session will focus on advanced techniques being used in volatile memory analysis (VMA) and our experiences while performing VMA. We will also discuss a number of open source tools and resources we have made available to the digital investigation community. The session will also explore how we are using VMA to perform automated malware analysis. Finally, we will demonstrate how we are combining VMA with file system analysis to help reconstruct and visualize the digital crime scene.