Raleigh ISSA April 7, 2016 Chapter Meeting
5:15 – 6:00pm Career Services (Conference Room 1)
5:15 – 6:00pm CISSP Study Group (Conference Room 2)
5:15 – 6:00pm Back-to-Basics (Main Room) Kali linux Review - Wayne Williams and Joshua Rahman
6:00 – 6:30pm Backyard BBQ / Drink / Socializing (Lobby)
6:30 – 7:00pm Vendor Presentation (Main Room) - Clearswift
7:00 – 7:15pm Board Updates (Main Room)
7:15 – 8:15pm Main Presentation (Main Room) Volatility - Micah Bushouse
TOPIC: Kali linux Review
SPEAKERS: Wayne Williams and Joshua Rahman
Main Presentation 7:15 - 8:15 PM
Speaker: Micah Bushouse
Micah Bushouse is a Ph.D. student in the WSPR Laboratory at NC State University’s Department of Computer Science. His research interests under Dr. Douglas Reeves include cloud computing and network security. He comes from a telecommunications background, and received his Bachelor’s and Master’s in this field from Michigan State University in 2004 and 2006. Micah is an active duty Army officer who attends NC State under the Army’s Advanced Civil Schooling program.
Having access to a system’s active memory is important for computer forensics technicians or malware analysts. To this end, we will discuss Volatility, a popular tool used to conduct memory analysis, as well as its use when combined with Virtual Machine Inspection (VMI). These tools allow us to transparently analyze a virtual machine’s memory while the machine is running. This session will begin with the basic concepts behind virtualization, virtual machine introspection, and memory analysis, and will conclude with a group exercise where the class uses these tools to extract data from a virtual machine.