Overcoming Obstacles in Memory Forensics

Jamie Levy

What can you do when your favorite memory analysis tool doesn’t give you the results you need? What if your memory sample has issues arising from a bad acquisition? How can you troubleshoot and fix the issue? In this talk we’ll take a look at some of the most common issues that arise when doing memory analysis, and will come away with tips that can help overcome these problems and get you back to solving your case.

About Jamie Levy

Jamie Levy is a senior researcher and developer. In the past, she worked on various R&D projects and forensic cases at various DFIR companies. Jamie has taught classes in Computer Forensics and Computer Science at Queens College (CUNY) and John Jay College (CUNY). She has an MS in Forensic Computing from John Jay College and is an avid contributor to the open source Computer Forensics community. She is an active core developer on The Volatility Framework and co-author of “The Art of Memory Forensics”. Jamie has also authored peer-reviewed conference publications and presented at conferences (OMFW, CEIC, IEEE ICC) on the topics of memory, network, and malware forensics analysis.