Malware is on the rise in both number and frequency. This requires an increase in real-time investigations. However, conducting investigations on live systems is quite a challenge due to the urgency with which decisions must be made.
Furthermore, experts face a multitude of tools and must decide which ones are most suitable for the situation. Currently, there is no reliable automated solution to help make this decision. Hence the purpose of this research project! The authors have developed a visual decision support tool that allows experts to analyze relevant volatile data from a compromised device. The originality of this approach lies in the collection, pre-processing and visualization of data that would no longer be available for post-mortem analysis.
This prototype has been tested with real-time exploration on an iPhone and seems promising. However, for the moment the model is applicable only to specific use cases.
A project to follow!