Securing information by performing forensic and network analysis on hosted virtualization

Author

Naik, Nenavath Srinivas ; Kumar, Kethavath Prem ; Vasumathi, D.

Author_Institution

Sch. of Comput. & Inf. Sci., Univ. of Hyderabad, Hyderabad, India

fYear

2014

Firstpage

1

Lastpage

7

Abstract

A Hypervisor at the same time agrees a single system to run two or additional operating systems. To gather forensic proof of examined activities or attacks against the system, the evidence kept in logs of a system plays an important role. In this paper, we have analyzed logs, snapshots and also the network connectivity of guest and host operating systems. We have studied different virtualization systems and analyzed their logs, snapshots of hypervisor with dissimilar case studies to find the actions done on virtual systems. We have analyzed the deleted and formatted files information with the help of Encase forensic tool on some of the open source virtualization technologies like virtual box and qemu to ensure that the information existing in the system is always secure.

Keywords

digital forensics; operating systems (computers); virtual machines; virtualisation; Encase forensic tool; formatted file information; guest operating systems; host operating systems; hypervisor snapshots; information security; log analysis; network analysis; network connectivity; open source virtualization technologies; qemu; virtual box; virtual systems; virtualization systems; Forensics; Hardware; Kernel; Virtual machine monitors; Virtual machining; Virtualization; Encase; Forensic; Hypervisor; Security; VMware workstation; Virtual box; Virtual networking; Virtualization;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer and Communications Technologies (ICCCT), 2014 International Conference on

Type

conf

DOI

10.1109/ICCCT2.2014.7066717

Filename

7066717