
APT Detection Using Memory Forensics: An Empirical Study

Publication Type : Conference Paper

Publisher : IEEE

Source : 2024 15th International Conference on Computing Communication and Networking Technologies (ICCCNT)

Url : https://doi.org/10.1109/icccnt61001.2024.10724662

Campus : Amritapuri

Center : Cyber Security

Year : 2024

Abstract : Advanced persistent threats (APTs), significant risks in the digital security landscape, are typically conducted by high-level entities. These threats, which can target various organizations and government bodies, have the potential to remain undetected due to their substantial resource support. Their ability to evade detection for extended periods allows perpetrators to slowly infiltrate target systems. This empirical study advocates the use of memory forensic analysis, performed using Volatility, combined with network analysis as effective tools in identifying APTs. Through the application of memory forensics, analysts can uncover crucial evidence of these nefarious activities. By utilizing memory artifacts and Volatility plugins, significant information on malware traffic was discovered, highlighting the efficacy of these methods in APT detection.

Cite this Research Publication : A S Akshay, Vipin Pavithran, Sreelakshmi R Syam, APT Detection Using Memory Forensics: An Empirical Study, 2024 15th International Conference on Computing Communication and Networking Technologies (ICCCNT), IEEE, 2024, https://doi.org/10.1109/icccnt61001.2024.10724662
