this is for holding javascript data
Igor.Korkin edited The Center of Mass of Kernel Mode Structures.tex
over 9 years ago
Commit id: f3059ec89e464ed2104276cdaa3dc9d89f3e1f2f
deletions | additions
diff --git a/The Center of Mass of Kernel Mode Structures.tex b/The Center of Mass of Kernel Mode Structures.tex
index 4d2627e..219d58f 100644
--- a/The Center of Mass of Kernel Mode Structures.tex
+++ b/The Center of Mass of Kernel Mode Structures.tex
...
\subsection{The Center \subsection{Digital Forensics in Education}
The proposed system can help students and postgraduate students in Computer Forensics to acquire practical skills. Students can get acquainted with the basics of
Mass memory forensics, Windows architecture, examine the program code and memory; investigate the relationships between binary modules loaded into memory. They will be able to learn the structure of
Kernel Mode Structures} user mode and kernel mode memories. The study of system services used to detect hidden objects during the training course may expect from the students to research the process SERVICES.EXE etc. Memory dump process evaluation makes it possible to study and get descriptions of undocumented structures of services that can be further used to search for hidden objects.
As a result, students consolidate their theoretical knowledge about the operating system, its components and their interaction with memory, as well as acquire research skills to get memory structures, which is crucial for solving practical problems of information security: reverse-engineering research and detection of malware, conducting forensic assessment and evaluation.