2013
DOI: 10.1007/978-3-642-39256-6_7

Hypervisor Event Logs as a Source of Consistent Virtual Machine Evidence for Forensic Cloud Investigations

Abstract: Cloud Computing is an emerging model of computing where users can leverage the computing infrastructure as a service stack or commodity. The security and privacy concerns of this infrastructure arising from the large colocation of tenants are, however, significant and pose considerable challenges in its widespread deployment. The current work addresses one aspect of the security problem by facilitating forensic investigations to determine if these virtual tenant spaces were maliciously violated by other tenant…

Cited by 8 publications (2 citation statements)
References 15 publications (31 reference statements)
“…The virtualization technology can be largely divided into the application virtualization [25][26][27][28][29][30][31][32][33][34][35][36][37][38][39], server virtualization [26][27][28], network virtualization [29][30][31], desktop virtualization [32][33][34][35] and storage virtualization. We attempt to describe technical characteristics, trends and current foundation technologies for each category.…”
Section: Virtualization (mentioning)
confidence: 99%
“…Digital forensics uses the previously mentioned scientific and proven methods to provide interpretive analysis of potential ESI evidence to reconstruct events [9]. The digital investigator is responsible for assessing the ESI to reconstruct timelines that describe as completely as possible what happened and when it happened [10]. However, one cannot just simply apply digital forensics (or traditional forensics) methodology directly to cloud forensics, because 1) it is not possible to perform a one-to-one mapping, and 2) cloud forensics must also involve evidence from all the cloud actors with the process flow model.…”
Section: Introduction (mentioning)
confidence: 99%