Container and VM Visualization for Rapid Forensic Analysis

dc.contributor.author: Shropshire, Jordan
dc.contributor.author: Benton, Ryan
dc.date.accessioned: 2020-01-04T08:30:43Z
dc.date.available: 2020-01-04T08:30:43Z
dc.date.issued: 2020-01-07
dc.description.abstract: Cloud-hosted software such as virtual machines and containers are notoriously difficult to access, observe, and inspect during ongoing security events. This research describes a new, out-of-band forensic tool for rapidly analyzing cloud based software. The proposed tool renders two-dimensional visualizations of container contents and virtual machine disk images. The visualizations can be used to identify container / VM contents, pinpoint instances of embedded malware, and find modified code. The proposed new forensic tool is compared against other forensic tools in a double-blind experiment. The results confirm the utility of the proposed tool. Implications and future research directions are also described.
dc.format.extent: 10 pages
dc.identifier.doi: 10.24251/HICSS.2020.783
dc.identifier.isbn: 978-0-9981331-3-3
dc.identifier.uri: http://hdl.handle.net/10125/64525
dc.language.iso: eng
dc.relation.ispartof: Proceedings of the 53rd Hawaii International Conference on System Sciences
dc.rights: Attribution-NonCommercial-NoDerivatives 4.0 International
dc.rights.uri: https://creativecommons.org/licenses/by-nc-nd/4.0/
dc.subject: Cybersecurity Investigations and Digital Forensics
dc.subject: cloud
dc.subject: container
dc.subject: digital forensics
dc.subject: virtual machine
dc.title: Container and VM Visualization for Rapid Forensic Analysis
dc.type: Conference Paper
dc.type.dcmi: Text

Files

Original bundle
Name: 0632.pdf
Size: 891.18 KB
Format: Adobe Portable Document Format