Electronic crime investigations in a virtualised environment: a forensic process and prototype for evidence collection and analysis. Issue 2 (4th March 2018)
- Record Type:
- Journal Article
- Title:
- Electronic crime investigations in a virtualised environment: a forensic process and prototype for evidence collection and analysis. Issue 2 (4th March 2018)
- Main Title:
- Electronic crime investigations in a virtualised environment: a forensic process and prototype for evidence collection and analysis
- Authors:
- Ahmad, Ijaz
Abbas, Haider
Raza, Asad
Choo, Kim-Kwang Raymond
Sajid, Anam
Pasha, Maruf
Khan, Farrukh Aslam
- Abstract:
- The constant evolution of virtualisation technologies and the availability of anti-forensic techniques and tools complicate efforts by forensic investigators to investigate a crime or a cyber security incident. Forensic collection can be complicated and requires significant efforts to investigate incidents involving contemporary technologies (e.g. crime launched from a virtual machine and there had been attempts to erase evidence after the incident). This paper presents a forensic process to collect and analyse traces of a virtual machine and its corresponding manager, recorded across multiple sources including the file system, Windows registry, history, and log files from a forensic viewpoint. To demonstrate utility of the forensic mechanism, the Virtual Machine Forensic Artefact Collector (VMFAC) prototype is developed and presented in this paper.
- Is Part Of:
- Australian journal of forensic sciences. Volume 50:Issue 2(2018)
- Journal:
- Australian journal of forensic sciences
- Issue:
- Volume 50:Issue 2(2018)
- Issue Display:
- Volume 50, Issue 2 (2018)
- Year:
- 2018
- Volume:
- 50
- Issue:
- 2
- Issue Sort Value:
- 2018-0050-0002-0000
- Page Start:
- 183
- Page End:
- 208
- Publication Date:
- 2018-03-04
- Subjects:
- Virtual machine traces -- Windows registry analysis -- forensic evidence
Law -- Australia -- Periodicals
Forensic sciences -- Periodicals
Forensic Medicine -- Periodicals
363.2505
- Journal URLs:
- http://www.tandfonline.com/toc/tajf20/current
http://www.informaworld.com/openurl?genre=journal&issn=0045%2d0618
http://www.tandfonline.com/
- DOI:
- 10.1080/00450618.2016.1229814
- Languages:
- English
- ISSNs:
- 0045-0618
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 1808.100000
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store
- Ingest File:
- 5672.xml