Show simple item record

dc.contributor.advisor: Wolthusen, Stephen
dc.contributor.author: Brendmo, Hans Kristian
dc.date.accessioned: 2017-07-18T14:01:00Z
dc.date.available: 2017-07-18T14:01:00Z
dc.date.created: 2017-05-31
dc.date.issued: 2017
dc.identifier: ntnudaim:18109
dc.identifier.uri: http://hdl.handle.net/11250/2448948
dc.description.abstract: The thesis looks at the internals of the secure kernel, explores ways of performing live forensics on the secure kernel, and provides information on how to extract a full memory dump from a virtual machine running inside a nested hypervisor. It also provides software used in the investigation of said kernel, with demonstrations of how secure kernel memory is laid out, and describes Secure Kernel Objects (SKOs), which are artifacts that could be useful for a forensic investigator wishing to understand the secure kernel.
dc.language: eng
dc.publisher: NTNU
dc.subject: Information Security (MIS - 2 deltid), Digital forensics
dc.title: Live forensics on the Windows 10 secure kernel.
dc.type: Master thesis


