Please use this identifier to cite or link to this item:

Container and VM Visualization for Rapid Forensic Analysis

File Size Format  
0632.pdf 891.18 kB Adobe PDF View/Open

Item Summary

Title:Container and VM Visualization for Rapid Forensic Analysis
Authors:Shropshire, Jordan
Benton, Ryan
Keywords:Cybersecurity Investigations and Digital Forensics
digital forensics
virtual machine
Date Issued:07 Jan 2020
Abstract:Cloud-hosted software such as virtual machines and containers are notoriously difficult to access, observe, and inspect during ongoing security events. This research describes a new, out-of-band forensic tool for rapidly analyzing cloud based software. The proposed tool renders two-dimensional visualizations of container contents and virtual machine disk images. The visualizations can be used to identify container / VM contents, pinpoint instances of embedded malware, and find modified code. The proposed new forensic tool is compared against other forensic tools in a double-blind experiment. The results confirm the utility of the proposed tool. Implications and future research directions are also described.
Pages/Duration:10 pages
Rights:Attribution-NonCommercial-NoDerivatives 4.0 International
Appears in Collections: Cybersecurity Investigations and Digital Forensics

Please email if you need this content in ADA-compliant format.

This item is licensed under a Creative Commons License Creative Commons