Title :
Securing information by performing forensic and network analysis on hosted virtualization
Author :
Naik, Nenavath Srinivas ; Kumar, Kethavath Prem ; Vasumathi, D.
Author_Institution :
Sch. of Comput. & Inf. Sci., Univ. of Hyderabad, Hyderabad, India
Abstract :
A hypervisor allows a single system to run two or more operating systems at the same time. The evidence kept in a system's logs plays an important role in gathering forensic proof of examined activities or attacks against the system. In this paper, we have analyzed the logs, snapshots and network connectivity of guest and host operating systems. We have studied different virtualization systems and analyzed their logs and hypervisor snapshots across different case studies to find the actions performed on virtual systems. We have analyzed deleted and formatted file information with the help of the EnCase forensic tool on some open source virtualization technologies, such as VirtualBox and QEMU, to ensure that the information existing in the system is always secure.
Keywords :
digital forensics; operating systems (computers); virtual machines; virtualisation; Encase forensic tool; formatted file information; guest operating systems; host operating systems; hypervisor snapshots; information security; log analysis; network analysis; network connectivity; open source virtualization technologies; qemu; virtual box; virtual systems; virtualization systems; Forensics; Hardware; Kernel; Virtual machine monitors; Virtual machining; Virtualization; Encase; Forensic; Hypervisor; Security; VMware workstation; Virtual box; Virtual networking; Virtualization;
Conference_Title :
Computer and Communications Technologies (ICCCT), 2014 International Conference on
DOI :
10.1109/ICCCT2.2014.7066717