IRMA-International.org: Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

Leveraging AI for Behavioural Analysis of Digital Forensic Artifacts in Cybercrime Investigations

Author(s): Rituraj Jain (Marwadi University, India), Jaishri Gothania (Lingaya's Vidyapeeth, India), Priyank Dipakkumar Zaveri (B.H. Gardi College of Engineering and Technology, India), Monika Shah (B.H. Gardi College of Engineering and Technology, India), Parag Girdharbhai Paija (B.H. Gardi College of Engineering and Technology, India) and Yamini Parth Chawda (B.H. Gardi College of Engineering and Technology, India)
Copyright: 2026
Pages: 28
Source title: Cyber Forensic Frameworks for User-Centric Human Threat Intelligence Analysis
Source Author(s)/Editor(s): Seifedine Kadry (Lebanese American University, Lebanon), Mritunjay Rai (Shri Ramswaroop Memorial University, Barabanki, India) and Padmesh Tripathi (Delhi Technical Campus, Greater Noida, India)
DOI: 10.4018/979-8-3373-4898-8.ch012


Abstract

Fileless malware widely leverages in-memory execution, OS tools (for example, PowerShell and WMI), and registry manipulation, which makes it very difficult to detect with traditional forensic tools. This chapter studies memory forensics as a primary method for tracing such attacks, concentrating on the analysis of volatile memory (RAM). It discusses attack types such as code injection, LOLBins, and reflectively loaded DLLs, to name a few, along with tools such as Cobalt Strike and Empire. Volatility, FTK Imager, and YARA rules are used to extract artifacts such as injected executable code, network sockets, and command history. The chapter shows how these findings map to the cyber kill chain and what makes RAM analysis a must for detection, response, and proactive hunting.
