Hypervisor Event Logs as a Source of Consistent Virtual Machine Evidence for Forensic Cloud Investigations

Abstract: Cloud Computing is an emerging model of computing where users can leverage the computing infrastructure as a service stack or commodity. The security and privacy concerns of this infrastructure arising from the large co-location of tenants are, however, significant and pose considerable challenges in its widespread deployment. The current work addresses one aspect of the security problem by facilitating forensic investigations to determine if these virtual tenant spaces were maliciously violated by other tenants. It presents the design, application and limitations of a software prototype called the Virtual Machine (VM) Log Auditor that helps in detecting inconsistencies within the activity timelines for a VM history. A discussion on modeling a consistent approach is also provided.
Document type:
Conference paper
Lingyu Wang; Basit Shafiq. 27th Data and Applications Security and Privacy (DBSec), Jul 2013, Newark, NJ, United States. Springer, Lecture Notes in Computer Science, LNCS-7964, pp.97-112, 2013, Data and Applications Security and Privacy XXVII. 〈10.1007/978-3-642-39256-6_7〉

https://hal.inria.fr/hal-01490726
Contributor: Hal Ifip
Submitted on: Wednesday, March 15, 2017 - 17:22:32
Last modified on: Thursday, March 16, 2017 - 09:24:24
Document(s) archived on: Friday, June 16, 2017 - 15:10:44

File

978-3-642-39256-6_7_Chapter.pd...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Sean Thorpe, Indrajit Ray, Tyrone Grandison, Abbie Barbir, Robert France. Hypervisor Event Logs as a Source of Consistent Virtual Machine Evidence for Forensic Cloud Investigations. Lingyu Wang; Basit Shafiq. 27th Data and Applications Security and Privacy (DBSec), Jul 2013, Newark, NJ, United States. Springer, Lecture Notes in Computer Science, LNCS-7964, pp.97-112, 2013, Data and Applications Security and Privacy XXVII. 〈10.1007/978-3-642-39256-6_7〉. 〈hal-01490726〉

Metrics

Record views: 27

File downloads: 99