|
|
 |
|
Trends in
Virtualized User Environments ABSTRACT
Virtualized environments can make
forensics investigation more difficult. Technological advances
in virtualization tools essentially make removable media a PC
that can be carried around in a pocket or around a neck. Running
operating systems and applications this way leaves very little
trace on the host system. This paper will explore all the newest
methods for virtualized environments and the implications they
have on the world of forensics. It will begin by describing and
differentiating between software and hardware virtualization. It
will then move on to explain the various methods used for server
and desktop virtualization. Next, it will explain how
virtualization affects the basic forensic process. Finally, it
will describe the common methods to find virtualization
artifacts and identify virtual activities that affect the
examination process of certain virtualized user environments. Keywords: Hardware-assisted,
Hypervisor, Para-virtualization, Virtual Machine,
virtualization, VMware, Moka5, MojoPac, Portable Virtual Privacy
Machine, VirtualBox |
Copyright © 2006 Association of Digital Forensics, Security and Law (ADFSL)