A research on the investigation method of digital forensics for a VMware Workstation's virtual machine
- Authors
- Lim, Sungsu; Yoo, Byeongyeong; Park, Jungheum; Byun, KeunDuck; Lee, Sangjin
- Issue Date
- 1월-2012
- Publisher
- PERGAMON-ELSEVIER SCIENCE LTD
- Keywords
- Digital forensics; Virtualization; VMware; Virtual machine
- Citation
- MATHEMATICAL AND COMPUTER MODELLING, v.55, no.1-2, pp.151 - 160
- Indexed
- SCIE
SCOPUS
- Journal Title
- MATHEMATICAL AND COMPUTER MODELLING
- Volume
- 55
- Number
- 1-2
- Start Page
- 151
- End Page
- 160
- URI
- https://scholar.korea.ac.kr/handle/2021.sw.korea/109117
- DOI
- 10.1016/j.mcm.2011.02.011
- ISSN
- 0895-7177
- Abstract
- Virtualization is a technology that uses a logical environment to overcome physical limitations in hardware. Recently, its coverage has become broader. Because a virtual machine can perform the same role as an actual system, a recorded user's activity trail in the virtual machine is important factor in terms of digital forensics. If the investigator found trails of the VMware Workstation on the host, he should investigate the virtual machine along with host system. However, due to a lack of understanding of the virtual machine, the investigation process is not clear. Moreover, a damaged virtual machine image is difficult to investigate because of the structural characteristics. Therefore, we need a technical understanding and a research about investigation procedures and recovery methods on the virtual machine. In this research, we suggest an investigation procedure of digital forensics and a recovery method on damaged images for the VMware Workstation that has the largest number of users. (C) 2011 Elsevier Ltd. All rights reserved.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - School of Cyber Security > Department of Information Security > 1. Journal Articles
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.