Title :
Investigating the implications of virtual forensics
Author :
Sharma, Harshit ; Sabharwal, Nitish
Author_Institution :
Dept. of Inf. Technol., Ansal Inst. of Technol., Gurgaon, India
Abstract :
Computer Forensic process consists of Preparation, Acquisition, Preservation, Examination and Analysis, and Reporting. With the booming of the virtualization technology and the popularity of virtual machines for end users to deal with daily works, the probability of using virtual machines for malicious purposes keeps increasing. In this paper we propose a methodology by using virtual forensics for malware analysis and network forensics. Traditional forensics is done by using physical data. When company has large storage data and virtual environment, it creates a problem for traditional forensic while acquiring data. This paper proposes challenges, tools to be used, forensic techniques to be used and how to acquire data from cloud.
Keywords :
cloud computing; computer forensics; data analysis; invasive software; virtual machines; virtualisation; acquisition process; analysis process; cloud data; computer forensic; examination process; forensic technique; malware analysis; network forensics; preparation process; preservation process; probability; reporting process; virtual forensics; virtual machine; virtualization technology; Companies; Computers; Forensics; Indexes; Operating systems; Virtual environments; Virtual machining; forensics; virtual forensics; virtual machine; virtualization;
Conference_Titel :
Advances in Engineering, Science and Management (ICAESM), 2012 International Conference on
Conference_Location :
Nagapattinam, Tamil Nadu
Print_ISBN :
978-1-4673-0213-5
