You are here

THE IMPLICATIONS OF VIRTUAL ENVIRONMENTS IN DIGITAL FORENSIC INVESTIGATIONS

Download pdf | Full Screen View

Date Issued:
2011
Abstract/Description:
This research paper discusses the role of virtual environments in digital forensic investigations. With virtual environments becoming more prevalent as an analysis tool in digital forensic investigations, it's becoming more important for digital forensic investigators to understand the limitation and strengths of virtual machines. The study aims to expose limitations within commercial closed source virtual machines and open source virtual machines. The study provides a brief overview of history digital forensic investigations and virtual environments, and concludes with an experiment with four common open and closed source virtual machines; the effects of the virtual machines on the host machine as well as the performance of the virtual machine itself. My findings discovered that while the open source tools provided more control and freedom to the operator, the closed source tools were more stable and consistent in their operation. The significance of these findings can be further researched by applying them in the context of exemplifying reliability of forensic techniques when presented as analysis tool used in litigation.
Title: THE IMPLICATIONS OF VIRTUAL ENVIRONMENTS IN DIGITAL FORENSIC INVESTIGATIONS.
35 views
9 downloads
Name(s): Patterson, Farrah, Author
Lang, Sheau-Dong, Committee Chair
Guha, Ratan, Committee Member
Zou, Changchun, Committee Member
, Committee Member
University of Central Florida, Degree Grantor
Type of Resource: text
Date Issued: 2011
Publisher: University of Central Florida
Language(s): English
Abstract/Description: This research paper discusses the role of virtual environments in digital forensic investigations. With virtual environments becoming more prevalent as an analysis tool in digital forensic investigations, it's becoming more important for digital forensic investigators to understand the limitation and strengths of virtual machines. The study aims to expose limitations within commercial closed source virtual machines and open source virtual machines. The study provides a brief overview of history digital forensic investigations and virtual environments, and concludes with an experiment with four common open and closed source virtual machines; the effects of the virtual machines on the host machine as well as the performance of the virtual machine itself. My findings discovered that while the open source tools provided more control and freedom to the operator, the closed source tools were more stable and consistent in their operation. The significance of these findings can be further researched by applying them in the context of exemplifying reliability of forensic techniques when presented as analysis tool used in litigation.
Identifier: CFE0004152 (IID), ucf:49050 (fedora)
Note(s): 2011-12-01
M.S.
Engineering and Computer Science, Computer Science
Masters
This record was generated from author submitted information.
Subject(s): Forensics -- Virtual Machines -- Virtual Environments -- Digital Investigations
Persistent Link to This Record: http://purl.flvc.org/ucf/fd/CFE0004152
Restrictions on Access: public 2011-12-15
Host Institution: UCF

In Collections