Memory forensic techniques have been mainly used so far to detect anomalies in computer devices for post-mortem analysis. Recent innovations in this area shower how such tools have the potential to become novel solutions for online analysis and detection of stealthy attacks. However, their applicability in the field on mobile device is limited by the heterogeneity of operating systems available for such devices. In this project we propose to investigate the viability of using Deep Neural Networks as a mean to quickly and automatically identify variations in the memory structures of variations of the Android operating system. The goal is to provide a mean to quickly pinpoint the presence of important data structures in memory snapshots to later analyze their content and detect possible anomalies. Recent research in the area of binary analysis shows how deep neural networks are able to easily identify recurrent patterns in binary code and use this information to spot similar data structures.
