Malware Analysis Using Volatility

2020 ◽  
pp. 8-14
Author(s):  
Mossaraf Khan
Keyword(s):  
Random Access ◽  
Active Network ◽  
Malware Analysis ◽  
Access Memory ◽  
Hard Drives ◽  
Related Information ◽  
Running System ◽  
Forensic Artifacts ◽  
Volatile Memory ◽  
Storage Units

Volatile Data of a computer is a temporary and they are created when a computer system is running aka in operational condition. They are removed immediately when the system powered off. It is stored on the Random Access Memory (RAM) and other temporary storage units such as Registars of the Computer and not in the main storage partitions of Hard Drives. It could be emails related information, chats or browser history, running processes related information, unsaved data, clipboard contents etc. The analysis of volatile memory for extracting forensic artifacts is called Memory Forensic. Volatile Memory contains the most valuable information about running programs and instructions including running system processes, kernel drivers, loaded modules, executed commands, executable paths, active Network Connections, etc.

scholarly journals Overview of radiation effects on emerging non-volatile memory technologies

2017 ◽  
Vol 32 (4) ◽  
pp. 381-392
Author(s):  
Irfan Fetahovic ◽  
Edin Dolicanin ◽  
Djordje Lazarevic ◽  
Boris Loncar
Keyword(s):  
Radiation Effects ◽  
Random Access ◽  
Random Access Memory ◽  
Resistive Random Access Memory ◽  
Access Memory ◽  
High Radiation ◽  
Different Types ◽  
Non Volatile Memory ◽  
Volatile Memory ◽  
Change Memory

In this paper we give an overview of radiation effects in emergent, non-volatile memory technologies. Investigations into radiation hardness of resistive random access memory, ferroelectric random access memory, magneto-resistive random access memory, and phase change memory are presented in cases where these memory devices were subjected to different types of radiation. The obtained results proved high radiation tolerance of studied devices making them good candidates for application in radiation-intensive environments.

Bipolar Switching Properties of the Manganese Oxide Thin Film RRAM Devices

2014 ◽  
Vol 602-603 ◽  
pp. 1056-1059 ◽  
Author(s):  
Min Chang Kuan ◽  
Fann Wei Yang ◽  
Chien Min Cheng ◽  
Kai Huang Chen ◽  
Jian Tz Lee
Keyword(s):  
Thin Film ◽  
Thin Films ◽  
Manganese Oxide ◽  
Random Access ◽  
Random Access Memory ◽  
Memory Devices ◽  
Access Memory ◽  
Resistance Random Access Memory ◽  
Non Volatile Memory ◽  
Volatile Memory

Up to now, the various non-volatile memory devices such as, ferroelectric random access memory (FeRAM), magnetron random access memory (MRAM), and resistance random access memory (RRAM) were widely discussed and investigated. For these nonvolatile memory devices, the resistance random access memory (RRAM) devices will play an important role because of its non-destructive readout, low operation voltage, high operation speed, long retention time, and simple structure. The resistance random access memory (RRAM) devices were only consisting of one resistor and one corresponding transistor. The subject of this work was to study the characteristics of manganese oxide (MnO) thin films deposited on transparent conductive thin film using the rf magnetron sputtering method. The optimal sputtering conditions of as-deposited manganese oxide (MnO) thin films were the rf power of 80 W, chamber pressure of 20 mTorr, substrate temperature of 580°C, and an oxygen concentration of 40%. The basic mechanisms for the bistable resistance switching were observed. In which, the non-volatile memory and switching properties of the manganese oxide (MnO) thin film structures were reported and the relationship between the memory windows and electrical properties was investigated.

scholarly journals Live Forensics on GPS inactive Smartphone

2021 ◽  
Vol 3 (1) ◽  
pp. 32-44
Author(s):  
Nuril Anwar ◽  
Murein Miksa Mardhia ◽  
Luthfi Ryanto
Keyword(s):  
Random Access ◽  
Random Access Memory ◽  
Cloud Services ◽  
Access Memory ◽  
Location Data ◽  
Running System ◽  
User Data ◽  
Data Location ◽  
User Location ◽  
Live Forensics

Google is known to still track the user's location despite the GPS settings and location history in smartphone settings has been turned off by the user. This requires special handling to prove the location on smartphones with inactive GPS and view its Location History previously used by user. The research investigates if Google is still recording its user data location. Live Forensic requires data from the running system or volatile data which is usually found in Random Access Memory (RAM) or transit on the network. Investigations are carried out using a Google account with a method used by live forensics to obtain results from the location history. Smartphones have been checked manually through data backup through custom recovery that has been installed. When checking the backup filesystem, turned out that no location data is stored. Therefore, researchers conducted an analysis on the Google Account which was analyzed using a forensic tool to analyze cloud services to obtain location data results. The results of the analysis carried out obtained a similarity in location from 8-days investigations. Google can still find the location of smartphones with GPS disabled, but the location results are not accurate. Google can store user location data via cellular networks, Wi-Fi, and sensors to help estimate the user's location. The process of extracting the results from the google maps log using a Google account will be analyzed using the Elcomsoft Cloud eXplorer and Oxygen Forensic Cloud Extractor so that the log location results are still available by Google.

Analysis of FSRAM Single Bit Failures Due to Unique Dislocations

1998 ◽  
Author(s):  
Phil Schani ◽  
S. Subramanian ◽  
Vince Soorholtz ◽  
Pat Liston ◽  
Jamey Moss ◽  
...  
Keyword(s):  
Electron Microscopy ◽  
Random Access ◽  
Random Access Memory ◽  
Static Random Access Memory ◽  
Temperature Sensitive ◽  
Wafer Level ◽  
Top Down ◽  
Access Memory ◽  
Transmission Electron ◽  
Contact Processing

Abstract Temperature sensitive single bit failures at wafer level testing on 0.4µm Fast Static Random Access Memory (FSRAM) devices are analyzed. Top down deprocessing and planar Transmission Electron Microscopy (TEM) analyses show a unique dislocation in the substrate to be the cause of these failures. The dislocation always occurs at the exact same location within the bitcell layout with respect to the single bit failing data state. The dislocation is believed to be associated with buried contact processing used in this type of bitcell layout.

Deprocessing Methodologies for Detection of IBC and Cell-to-Cell Shorts in Submicron DRAM

2012 ◽  
Author(s):  
Ramachandra Chitakudige ◽  
Sarat Kumar Dash ◽  
A.M. Khan
Keyword(s):  
High Selectivity ◽  
Electron Cyclotron Resonance ◽  
Random Access ◽  
Random Access Memory ◽  
Access Memory ◽  
Plasma System ◽  
Poly Silicon ◽  
Hazardous Gases ◽  
Wet Etch ◽  
Resonance Plasma

Abstract Detection of both Insufficient Buried Contact (IBC) and cell-to-cell short defects is quite a challenging task for failure analysis in submicron Dynamic Random Access Memory (DRAM) devices. A combination of a well-controlled wet etch and high selectivity poly silicon etch is a key requirement in the deprocessing of DRAM for detection of these types of failures. High selectivity poly silicon etch methods have been reported using complicated system such as ECR (Electron Cyclotron Resonance) Plasma system. The fact that these systems use hazardous gases like Cl2, HBr, and SF6 motivates the search for safer alternative deprocessing chemistries. The present work describes high selectivity poly silicon etch using simple Reactive Ion Etch (RIE) plasma system using less hazardous gases such as CF4, O2 etc. A combination of controlled wet etch and high selectivity poly silicon etch have been used to detect both IBC and cell-to-cell shorts in submicron DRAMs.

Challenges and Benefits of Product-Like SRAM in Technology Development

2011 ◽  
Author(s):  
Felix Beaudoin ◽  
Stephen Lucarini ◽  
Fred Towler ◽  
Stephen Wu ◽  
Zhigang Song ◽  
...  
Keyword(s):  
Technology Development ◽  
Random Access ◽  
Random Access Memory ◽  
Static Random Access Memory ◽  
Development Phase ◽  
High Complexity ◽  
Access Memory ◽  
Integration Schemes ◽  
Front End

Abstract For SRAMs with high logic complexity, hard defects, design debug, and soft defects have to be tackled all at once early on in the technology development while innovative integration schemes in front-end of the line are being validated. This paper presents a case study of a high-complexity static random access memory (SRAM) used during a 32nm technology development phase. The case study addresses several novel and unrelated fail mechanisms on a product-like SRAM. Corrective actions were put in place for several process levels in the back-end of the line, the middle of the line, and the front-end of the line. These process changes were successfully verified by demonstrating a significant reduction of the Vmax and Vmin nest array block fallout, thus allowing the broader development team to continue improving random defectivity.

Effect of Conductive Filament Temperature on ZrO2 based Resistive Random Access Memory Devices

2020 ◽  
Vol 12 (2) ◽  
pp. 02008-1-02008-4
Author(s):  
Pramod J. Patil ◽  
◽  
Namita A. Ahir ◽  
Suhas Yadav ◽  
Chetan C. Revadekar ◽  
...  
Keyword(s):  
Random Access ◽  
Random Access Memory ◽  
Resistive Random Access Memory ◽  
Memory Devices ◽  
Access Memory ◽  
Conductive Filament ◽  
Filament Temperature
Sign in / Sign up

Export Citation Format

Share Document