Abstract—Fundamental approach for digital forensic is static analysis. It involves the analysis of data preserved on permanent storage media. When a system is examined by the static analysis, it does not provide the complete scenario of the event. Thus a virtual machine created from the static data to help in collecting the evidence. Introduction of virtual machine enables a much simpler way of investigation. Use of virtualization technology is continuously growing in commercial area. Therefore, instead of using virtual machines for forensic examination virtual enviourment needs to be examined itself. Investigation can be done without violating the data collected as evidence since virtual desktop can be made as forensic platform. This paper discuss about the investigation in virtual enviourment. However investigation in virtual enviourment is simpler than the investigating physical enviourment.
Index Terms—Computer evidence, digital forensic, virtual disk image, virtualization, VMware.
Smita V. Khangar is with G. H. Raisoni College of Engineering (e-mail: Smita146@gmail.com)
Cite: Smita V. Khangar, G. H. R. C. E. Nagpur, and Rajiv V. Dharaskar, "Digital Forensic Investigation for Virtual Machines," International Journal of Modeling and Optimization vol. 2, no. 6, pp. 663-666, 2012.
Copyright © 2008-2024. International Journal of Modeling and Optimization. All rights reserved.
E-mail: ijmo@iacsitp.com