Defeating Anti-Forensics in Contemporary Complex Threats. Rodionov and Matrosov

Next story

To store their payload and configuration information, malware families employ a range of mechanisms such as hidden storage to counteract forensic analysis. The paper details the use of this approach by specific malware. Discussion of hidden file system layouts and protection mechanisms.