This is an early access version, the complete PDF, HTML, and XML versions will be available soon.
Article

MemCatcher: An In-Depth Analysis Approach to Detect In-Memory Malware

Department of Computer Science, Hanyang University, Seoul 04763, Republic of Korea
* Author to whom correspondence should be addressed.
Appl. Sci. 2025, 15(21), 11800; https://doi.org/10.3390/app152111800
Submission received: 11 October 2025 / Revised: 30 October 2025 / Accepted: 3 November 2025 / Published: 5 November 2025
(This article belongs to the Special Issue Cyber Security and Software Engineering)

Abstract

Recent advancements in cyber threats have led to increasingly sophisticated attack methods that evade traditional malware detection systems. In-memory malware, a particularly challenging variant, operates by modifying volatile memory, leaving minimal traces on secondary storage. This paper presents an in-depth analysis of in-memory malware characteristics, behavior, and evasion strategies. We propose “MemCatcher”, a novel detection algorithm that integrates real-time system activity monitoring and memory analysis to effectively identify these threats on Windows 10 systems. Experimental validation using real-world and synthetic in-memory malware samples demonstrates the effectiveness of our approach. Additionally, we analyze evasion tactics using “Volatility3” and “PEview”, providing insights into countermeasures. Future work will focus on enhancing in-memory malware detection using “Processor-in-Memory (PIM) hardware”.
Keywords: malware detection; malware analysis; in-memory malware; malicious services; windows security

Share and Cite

MDPI and ACS Style

Rai, A.; Im, E.G. MemCatcher: An In-Depth Analysis Approach to Detect In-Memory Malware. Appl. Sci. 2025, 15, 11800. https://doi.org/10.3390/app152111800

Chicago/Turabian Style

Rai, Andri, and Eul Gyu Im. 2025. "MemCatcher: An In-Depth Analysis Approach to Detect In-Memory Malware" Applied Sciences 15, no. 21: 11800. https://doi.org/10.3390/app152111800
