首页    期刊浏览 2024年12月11日 星期三
登录注册

文章基本信息

  • 标题:Forensic Analysis of Virtual Hard Drives
  • 本地全文:下载
  • 作者:Tobin, Patrick ; Le-Khac, Nhien-An ; Kechadi, Tahar
  • 期刊名称:Journal of Digital Forensics, Security and Law
  • 印刷版ISSN:1558-7215
  • 电子版ISSN:1558-7223
  • 出版年度:2017
  • 卷号:12
  • 期号:1
  • 页码:10
  • 出版社:Association of Digital Forensics, Security and Law
  • 摘要:The issue of the volatility of virtual machines is perhaps the most pressing concern in any digital investigation. Current digital forensics tools do not fully address the complexities of data recovery that are posed by virtual hard drives. It is necessary, for this reason, to explore ways to capture evidence other than those using current digital forensic methods. This should be done in the most efficient and secure manner, as quickly, and in a non-intrusive way as can be achieved. All data in a virtual machine is disposed of when that virtual machine is destroyed, it may not therefore be possible to extract and preserve evidence such as incriminating images prior to destruction. Recovering that evidence, or finding some way of associating that evidence with the virtual machine before its destruction, is therefore crucial. In this paper, we present a method of extracting evidence from a virtual hard disk drive in a quick, secure and verifiable manner, with a minimum impact on the drive thus preserving its integrity for further analysis.
  • 关键词:Virtual Machine; Digital Forensics; Virtual Machine Forensics; Virtual Hard Drive
国家哲学社会科学文献中心版权所有