Detect Windows Code Injection by Cross-validating Stack and VAD Information

Detect Windows Code Injection by Cross-validating Stack and VAD Information

Windows 32/64-bit code injection attacks are a common attack technique by malware. In the field of memory forensics, the existing code injection attack detection technologies cannot handle dynamic content in terms of verification integrity, and cannot be compatible with different versions of Windows...

Full description

Saved in:
Bibliographic Details
Main Authors: ZHAI Jiqiang, HAN Xu, WANG Jiaqian, SUN Haixu, YANG Hailu
Format: Article
Language:zho
Published: Harbin University of Science and Technology Publications 2024-04-01
Series:Journal of Harbin University of Science and Technology
Subjects:
vad
stack
windows code inject
memory forensics
Online Access:https://hlgxb.hrbust.edu.cn/#/digest?ArticleID=2311
Tags: Add Tag
No Tags, Be the first to tag this record!

Internet

https://hlgxb.hrbust.edu.cn/#/digest?ArticleID=2311

Similar Items