Investigating the Implications of Virtualization for Digital Forensics

نویسندگان

  • Zheng Song
  • Bo Jin
  • Yinghong Zhu
  • Yongqing Sun
چکیده

Research in virtualization technology has gained significant momentum in recent years, which brings not only opportunities to the forensic community, but challenges as well. In this paper, we discuss the potential roles of virtualization in the area of digital forensics and conduct an investigation on the recent progresses which utilize the virtualization techniques to support modern computer forensics. A brief overview of virtualization is presented and discussed. Further, a summary of positive and negative influences on digital forensics that are caused by virtualization technology is provided. Tools and techniques that are potential to be common practices in digital forensics are analyzed and some experience and lessons in our practice are shared. We conclude with our reflections and an outlook.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

How Virtualized Environments Affect Computer Forensics

Virtualized environments can make forensics investigation more difficult. Technological advances in virtualization tools essentially make removable media a PC that can be carried around in a pocket or around a neck. Running operating systems and applications this way leaves very little trace on the host system. This paper will explore all the newest methods for virtualized environments and the ...

متن کامل

Trends in Virtualized User Environments

Virtualized environments can make forensics investigation more difficult. Technological advances in virtualization tools essentially make removable media a PC that can be carried around in a pocket or around a neck. Running operating systems and applications this way leaves very little trace on the host system. This paper will explore all the newest methods for virtualized environments and the ...

متن کامل

Forensic Implications of Virtualization Technologies

The term “machine virtualization” refers to a set of technologies that enable the abstraction of computing resources, which is the ability of hiding the actual characteristics of the physical hardware to the operating system and to the user. In the recent past, the availability of mature software solutions, and the introduction of hardware support for virtualization in modern commodity micropro...

متن کامل

Computer Forensics: Investigations of the Future

I Passwords and Their Hashes . . . . . . . . 5 Abstract—Computer Forensics is a new field that uses traditional investigation processes and applies them to investigating a computer for digital evidence. In this paper, we will discuss the background of computer forensics and process of a digital investigation of a computer. Technical topics such cryptographic hashing and data hiding will be cove...

متن کامل

Analyzing registry, log files, and prefetch files in finding digital evidence in graphic design applications

The products of graphic design applications leave behind traces of digital information which can be used during a digital forensic investigation in cases where counterfeit documents have been created. This paper analyzes the digital forensics involved in the creation of counterfeit documents. This is achieved by first recognizing the digital forensic artifacts left behind from the use of graphi...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2010