Analyzing the Impact of a Virtual Machine on a Host Machine

Authors

Greg DornFollow
Chris MarberryFollow
Scott ConradFollow
Philip Craiger, University of Central FloridaFollow

Submitting Campus

Daytona Beach

Department

Security Studies & International Affairs

Document Type

Conference Proceeding

Publication/Presentation Date

2009

Abstract/Description

As virtualization becomes more prevalent in the enterprise and in personal computing, there is a great need to understand the technology as well as its ramifications for recovering digital evidence. This paper focuses on trace evidence related to the installation and execution of virtual machines (VMs) on a host machine. It provides useful information regarding the types and locations of files installed by VM applications, the processes created by running VMs and the structure and identity of VMs, ancillary files and associated artifacts.

Publication Title

Advances in Digital Forensics V

Publisher

International Federation for Information Processing/Springer

Additional Information

Dr. Craiger was not affiliated with Embry-Riddle Aeronautical University at the time this paper was published.

Scholarly Commons Citation

Dorn, G., Marberry, C., Conrad, S., & Craiger, P. (2009). Analyzing the Impact of a Virtual Machine on a Host Machine. Advances in Digital Forensics V, (). Retrieved from https://commons.erau.edu/publication/1000