Please use this identifier to cite or link to this item: http://hdl.handle.net/10125/64525

Container and VM Visualization for Rapid Forensic Analysis

File Size Format  
0632.pdf 891.18 kB Adobe PDF View/Open

Item Summary

Title:Container and VM Visualization for Rapid Forensic Analysis
Authors:Shropshire, Jordan
Benton, Ryan
Keywords:Cybersecurity Investigations and Digital Forensics
cloud
container
digital forensics
virtual machine
Date Issued:07 Jan 2020
Abstract:Cloud-hosted software such as virtual machines and containers are notoriously difficult to access, observe, and inspect during ongoing security events. This research describes a new, out-of-band forensic tool for rapidly analyzing cloud based software. The proposed tool renders two-dimensional visualizations of container contents and virtual machine disk images. The visualizations can be used to identify container / VM contents, pinpoint instances of embedded malware, and find modified code. The proposed new forensic tool is compared against other forensic tools in a double-blind experiment. The results confirm the utility of the proposed tool. Implications and future research directions are also described.
Pages/Duration:10 pages
URI:http://hdl.handle.net/10125/64525
ISBN:978-0-9981331-3-3
DOI:10.24251/HICSS.2020.783
Rights:Attribution-NonCommercial-NoDerivatives 4.0 International
https://creativecommons.org/licenses/by-nc-nd/4.0/
Appears in Collections: Cybersecurity Investigations and Digital Forensics


Please email libraryada-l@lists.hawaii.edu if you need this content in ADA-compliant format.

This item is licensed under a Creative Commons License Creative Commons