The Reincarnation of Virtual Machines
Queue - Virtual Machines
HyperSpector: virtual distributed monitoring environments for secure intrusion detection
Proceedings of the 1st ACM/USENIX international conference on Virtual execution environments
Using VMM-based sensors to monitor honeypots
Proceedings of the 2nd international conference on Virtual execution environments
Manitou: a layer-below approach to fighting malware
Proceedings of the 1st workshop on Architectural and system support for improving software dependability
Queue - Computer Architecture
Towards a tamper-resistant kernel rootkit detector
Proceedings of the 2007 ACM symposium on Applied computing
Towards a VMM-based usage control framework for OS kernel integrity protection
Proceedings of the 12th ACM symposium on Access control models and technologies
A layered approach to simplified access control in virtualized systems
ACM SIGOPS Operating Systems Review
SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Automated detection of persistent kernel control-flow attacks
Proceedings of the 14th ACM conference on Computer and communications security
Stealthy malware detection through vmm-based "out-of-the-box" semantic view reconstruction
Proceedings of the 14th ACM conference on Computer and communications security
Virtualization and Digital Forensics: A Research and Education Agenda
Journal of Digital Forensic Practice
A hardware-based memory acquisition procedure for digital investigations
Digital Investigation: The International Journal of Digital Forensics & Incident Response
A formal model for virtual machine introspection
Proceedings of the 1st ACM workshop on Virtual machine security
Using virtualization for high availability and disaster recovery
IBM Journal of Research and Development
CUDACS: securing the cloud with CUDA-enabled secure virtualization
ICICS'10 Proceedings of the 12th international conference on Information and communications security
Secure virtualization for cloud computing
Journal of Network and Computer Applications
Simulating windows-based cyber attacks using live virtual machine introspection
Proceedings of the 2010 Summer Computer Simulation Conference
Vis: virtualization enhanced live acquisition for native system
Proceedings of the Second Asia-Pacific Workshop on Systems
A survey of main memory acquisition and analysis techniques for the windows operating system
Digital Investigation: The International Journal of Digital Forensics & Incident Response
An introspection-based memory scraper attack against virtualized point of sale systems
FC'11 Proceedings of the 2011 international conference on Financial Cryptography and Data Security
Verifying system integrity by proxy
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection
ACM Transactions on Information and System Security (TISSEC)
Real-time deep virtual machine introspection and its applications
Proceedings of the 10th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
| Hi-index | 0.00 |
While static examination of computer systems is an important part of many digital forensics investigations, there are often important system properties present only in volatile memory that cannot be effectively recovered using static analysis techniques, such as offline hard disk acquisition and analysis. An alternative approach, involving the live analysis of target systems to uncover this volatile data, presents significant risks and challenges to forensic investigators as observation techniques are generally intrusive and can affect the system being observed. This paper provides a discussion of live digital forensics analysis through virtual introspection and presents a suite of virtual introspection tools developed for Xen (VIX tools). The VIX tools suite can be used for unobtrusive digital forensic examination of volatile system data in virtual machines, and addresses a key research area identified in the virtualization in digital forensics research agenda [22].