Stack Forensics Based on Meta Data and Instruction Flow of 64-bit Windows

Stack Forensics Based on Meta Data and Instruction Flow of 64-bit Windows

To solve the omission in the stack forensics built without slack frame pointers and debugging symbols and the misstatement in the stack forensics built without meta data by the existing tools for dump files containing malicious processes in 64-bit Windows environment, a method to ll-ace stacks from...

Full description

Saved in:

Bibliographic Details
Main Authors:	ZHAI Ji-qiang, XU Xiao, CHEN Pan, YANG Hai-Lu
Format:	Article
Language:	zho
Published:	Harbin University of Science and Technology Publications 2021-10-01
Series:	Journal of Harbin University of Science and Technology
Subjects:	memory forensics windows stack meta data instruction flow return addresses
Online Access:	https://hlgxb.hrbust.edu.cn/#/digest?ArticleID=2015
Tags:	Add Tag No Tags, Be the first to tag this record!

Similar Items

Detect Windows Code Injection by Cross-validating Stack and VAD Information
by: ZHAI Jiqiang, et al.
Published: (2024-04-01)

IPv6 Dynamic Address Tunnel Model Based on the Sliding Address Window
by: Zichuan Ma, et al.
Published: (2015-10-01)

Security Mechanism for Dual Stack Network Accessing of Home Gateway
by: Zhonghua Chen
Published: (2014-12-01)

Enhancing the Capacitive Memory Window of HZO FeCap Through Nanolaminate Stack Design
by: Mostafa Habibi, et al.
Published: (2025-06-01)

LIFO-STACK SIZE DETERMINATION FOR GROWING OF THE IMAGE REGIONS
by: V. Yu. Tsviatkou
Published: (2020-03-01)

Malware Detection in Forensic Memory Dumps: The Use of Deep Meta-Learning Models
by: Yalçın Özkan
Published: (2023-06-01)

Study on electronic evidence acquisition and analysis method over Windows logs
by: Xiao-mei DONG, et al.
Published: (2012-11-01)

Compiler Optimization of Wide Memory Access for Aarch64
by: Viacheslav Chernonog, et al.
Published: (2024-03-01)

Addressee as a Factor in Document Type Adaptation
by: Marina V. Kosova, et al.
Published: (2024-09-01)

Visual Instruction Tuning for Drone Accident Forensics
by: Arda Surya Editya, et al.
Published: (2024-12-01)

Partially restricted stacks as functions
by: Jared Mi, et al.
Published: (2025-08-01)

OPERATIONS ON MANAGEMENT DATA ARRAYS IN LINEAR MEMORY
by: V. P. Ivashenko, et al.
Published: (2019-06-01)

Using Stacks for Image Segmentation Based on Region Growing
by: V. Yu. Tsviatkou
Published: (2020-07-01)

Reliable Multistate RRAM Devices for Reconfigurable CAM and IMC Applications
by: Shengpeng Xing, et al.
Published: (2025-01-01)

Magnetic Pulse Welding of Dissimilar Materials: Weldability Window for AA6082-T6/HC420LA Stacks
by: Mario A. Renderos Cartagena, et al.
Published: (2025-05-01)

Tencent Meeting forensics based on memory reverse analysis
by: Shilong Yu, et al.
Published: (2025-06-01)

Review of Angular-Selective Windows with Guest–Host Liquid Crystals for Static Window Applications
by: Chan-Heon An, et al.
Published: (2024-10-01)

Review of the weldability window in explosive welding processes
by: Bir Bahadur Sherpa, et al.
Published: (2025-03-01)

Evaluating Windows Vista user account security
by: Baghdad Science Journal
Published: (2011-06-01)

The relative effects of input and output based instruction on the development of L2 knowledge and the relationships with individual differences in working memory
by: Yan Liang, et al.
Published: (2025-08-01)

Windows Server 2019 administration fundamentals : a beginner's guide to managing and administering windows server environments /
by: Dauti, Bekim
Published: (2019)

Optimized window functions for spectral analysis based on digital filters
by: R.V. Petrosian
Published: (2025-07-01)

X-TIME: Accelerating Large Tree Ensembles Inference for Tabular Data With Analog CAMs
by: Giacomo Pedretti, et al.
Published: (2024-01-01)

Late Presentation of Aortopulmonary Window with Tetralogy of Fallot: Report of a Very Rare Case
by: Muhammad Ishtiaque Sayeed Al-Manzo, et al.
Published: (2021-09-01)

Classification of Forensic Examinations: The Approach Based on Forensic Expertology
by: O. G. D’yakonova, et al.
Published: (2022-08-01)

ENHANCING INSTRUCTIONAL OUTCOMES THROUGH THE TRANSFORMATIONAL- INSTRUCTIONAL LEADERSHIP MODEL
by: Nana Yaw Brenya Agyeman, et al.
Published: (2025-06-01)

Instructions for authors (in Romanian)
by: Romeo Teodor Cristina
Published: (2025-06-01)

“Our struggle with addressing in South Africa” – Capturing public stakeholder perspectives
by: Sharthi Laldaparsad, et al.
Published: (2025-05-01)

Transparent memory tests with even repeating addresses for storage devices
by: V. N. Yarmolik, et al.
Published: (2021-09-01)

Digital Forensics in Action The Role of Digital Forensics in Cybercrime Investigations
by: Hassan Shah Khan, et al.
Published: (2025-06-01)

Digital Forensics in Action The Role of Digital Forensics in Cybercrime Investigations
by: Hassan Shah Khan, et al.
Published: (2025-06-01)

Digital Forensics in Action The Role of Digital Forensics in Cybercrime Investigations
by: Hassan Shah Khan, et al.
Published: (2025-06-01)

Research on compatibility of high-performance network stack
by: Huiyou JIANG, et al.
Published: (2019-05-01)

Research on compatibility of high-performance network stack
by: Huiyou JIANG, et al.
Published: (2019-05-01)

INTEGRATED FORENSIC INVESTIGATION
by: A. Nesterov
Published: (2014-06-01)

On Novel RIP of Windowed Compressed Spectrum Sensing
by: Huiguang Zhang, et al.
Published: (2025-01-01)

On the Issue of Environmental Forensic Subtheory
by: N. V. Mikhaleva
Published: (2022-04-01)

Evaluation of swab materials in forensic DNA testing: a systematic review
by: Jillian Conte, et al.
Published: (2025-05-01)

Instruction : some contemporary view points /
Published: (1967)

«Skin window» cytokines in atopic dermatitis
by: D. S. Zagreshenko, et al.
Published: (2009-06-01)