In this survey paper the author explores the technical as well as high level conceptual trust issues that arise in acquiring log forensic evidence from the virtual machine (VM) hosted operating systems within the data clouds. This specific survey work is done at the University of Technology, Jamaica, which currently functions as its own independent private data cloud provider. The data acquisition is particular to the hypervisor system logs that can be used to track VM incidences which are later used to compile potential evidence for a cloud investigation. This work also presents a model to show the layers of virtualization trust that can arguably be used to support the collection of such log evidence. The paper provides the context for the support of such cloud digital investigations and analyzes the choices available to a forensic investigator using proof of concept experiments. The experimental work is achieved by making a comparative evaluation of popular forensic acquisition tools including Guidance EnCase and AccessData Forensic Toolkit, as to how volatile and non-volatile hypervisor log data can be collected. Finally the paper explores three solutions for the managed log evidence data acquisition phase within a cloud investigation.