Symposium sur la sécurité des technologies de l'information et des communications

Conférence francophone sur le thème de la sécurité de l'information.
Elle a eu lieu à Rennes du 7 au 9 juin 2023.

Memory Forensics 2.0Davide Balzarotti

Date : 09 June 2023 à 11:30 — 45 min.

The risk of security breaches is higher than ever and attackers are routinely breaking into corporate networks, government services, and critical infrastructures. As a result, it is not a matter of `if' a system will be compromised, but only a matter of `when' -- thus making the way we handle computer incidents and investigations of paramount importance.

Unfortunately, the forensics field still relies on a collection of best practices and a multitude of dedicated tools, without a proper scientific and theoretical foundation. In this talk I will discuss some of the limitation of the current approaches for Memory forensics. I will then present some of the recent contributions of my group in this area and use them to introduce my view on the future of memory forensics.