Volatility GUI : Simplifying Memory analysis
Main Author: | Monteiro, Alexandre de Sousa |
---|---|
Publication Date: | 2022 |
Format: | Master thesis |
Language: | eng |
Source: | Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
Download full: | http://hdl.handle.net/10400.8/6946 |
Summary: | Digital forensic analysis is an area generally restricted to a small number of individuals. This is because entry to the area is difficult: the user base is small, and the available software is scarce and out of date, with the more advanced tools restricted behind paywalls and licenses. Unfortunately, due to the small user base, open-source projects take a long time to be updated and fall behind software in other areas. More and more crimes are being committed using digital means, so the ability to analyze the physical computer and its components is becoming increasingly important. The Volatility Framework is used for the analysis of one of these components, the RAM. But the currently available software is far from perfect, lacking a graphical interface and other functionalities that have come to be the norm for software in the year 2021. This means that the end-user needs to be even more experienced to use this software. The main objective of this thesis is the development of a graphical interface for Volatility that eases its usage as much as possible. This is accomplished by introducing automatic commands, reports, more accessible exports, integrations, and functionalities that previously had to be done outside of the tool, among many others. The aim is to help an end user who might have very little knowledge perform a complete RAM image analysis without having to use any external tool. The results obtained from the development of the software demonstrate the effectiveness of this tool, in terms of time and usefulness, both with users new to this software and this area and with more experienced users. |
id |
RCAP_1b152274b642e3e2661d0c80d316178f |
---|---|
oai_identifier_str |
oai:iconline.ipleiria.pt:10400.8/6946 |
network_acronym_str |
RCAP |
network_name_str |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
repository_id_str |
https://opendoar.ac.uk/repository/7160 |
dc.title.none.fl_str_mv |
Volatility GUI : Simplifying Memory analysis Interface gráfica para a ferramenta forense de análise de RAM |
title |
Volatility GUI : Simplifying Memory analysis |
author |
Monteiro, Alexandre de Sousa |
author_facet |
Monteiro, Alexandre de Sousa |
author_role |
author |
dc.contributor.none.fl_str_mv |
Frazão, Luís Alexandre Lopes; Repositório IC-Online |
dc.contributor.author.fl_str_mv |
Monteiro, Alexandre de Sousa |
dc.subject.por.fl_str_mv |
Cybersecurity; Information security; Graphical User Interface x Software; Computer forensic |
topic |
Cybersecurity; Information security; Graphical User Interface x Software; Computer forensic |
publishDate |
2022 |
dc.date.none.fl_str_mv |
2022-04-11T12:48:07Z 2022-01-15 2022-01-15T00:00:00Z |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/masterThesis |
format |
masterThesis |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
http://hdl.handle.net/10400.8/6946 urn:tid:202988708 |
url |
http://hdl.handle.net/10400.8/6946 |
identifier_str_mv |
urn:tid:202988708 |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
application/pdf |
dc.source.none.fl_str_mv |
reponame:Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) instname:FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia instacron:RCAAP |
instname_str |
FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia |
instacron_str |
RCAAP |
institution |
RCAAP |
reponame_str |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
collection |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) |
repository.name.fl_str_mv |
Repositórios Científicos de Acesso Aberto de Portugal (RCAAP) - FCCN, serviços digitais da FCT – Fundação para a Ciência e a Tecnologia |
repository.mail.fl_str_mv |
info@rcaap.pt |
_version_ |
1833598897769938944 |