• Title/Summary/Keyword: desktop virtualization forensics

Search Result 2, Processing Time 0.014 seconds

Digital Forensic Investigation of Virtual Desktop Infrastructure (가상 데스크톱 환경에 대한 디지털 포렌식 연구)

  • Jang, Sanghee;Kim, Deunghwa;Park, Jungheum;Kang, Cheulhoon;Lee, Sangjin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.23 no.2
    • /
    • pp.203-212
    • /
    • 2013

  • Recently, cloud computing is one of the parts showing the biggest growth in the IT market and is expected to continue to grow into. Especially, many companies are adopting virtual desktop infrastructure as private cloud computing to achieve in saving the cost and enhancing the efficiency of the servers. However, current digital forensic investigation methodology of cloud computing is not systematized scientifically and technically. To do this, depending on the type of each cloud computing services, digital evidence collection system for the legal enforcement should be established. In this paper, we focus on virtual desktop infrastructure as private cloud computing and introduce the most widely used around the world desktop virtualization solutions of VMware, Citrix, and Microsoft. And We propose digital forensic investigation methodology for private cloud computing that is constructed by these solutions.

  • https://doi.org/10.13089/JKIISC.2013.23.2.203 인용 PDF KSCI HTML

A study on an investigation procedure of digital forensics for VMware Workstation's virtual machine and a method for a corrupted image recovery (VMware Workstation 가상 머신 이미지에 대한 디지털 포렌식 조사 절차 및 손상된 이미지 복구 방안)

  • Lim, Sung-Su;Yoo, Byeong-Yeong;Park, Jung-Heum;Byun, Keun-Duck;Lee, Sang-Jin
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.21 no.2
    • /
    • pp.61-70
    • /
    • 2011

  • Virtualization is a technology that uses a logical environment to overcome physical limitations in hardware. As a part of cost savings and green IT policies, there is a tendency in which recent businesses increase the adoption of such virtualization. In particular, regarding the virtualization in desktop, it is one of the most widely used technology at the present time. Because it is able to efficiently use various types of operating systems in a physical computer. A virtual machine image that is a key component of virtualization is difficult to investigate. because the structure of virtual machine image is different from hard disk image. Therefore, we need researches about appropriate investigation procedure and method based on technical understanding of a virtual machine. In this research, we suggest a procedure of investigation on a virtual machine image and a method for a corrupted image of the VMware Workstation that has the largest number of users.

  • https://doi.org/10.13089/JKIISC.2011.21.2.61 인용 PDF KSCI HTML