Virtual Machine Forensics – Essay Example
The paper “Virtual Machine Forensics” is an excellent example of an essay on information technology
Virtual machines are considered as mimicries of certain computer systems. Type 2 hypervisors (hosted hypervisors) are virtual machine managers that are installed as software applications on an operating system that is already in existence (Steuart, Nelson & Phillips, 2009). Some of the type 2 hypervisors include Oracle VirtualBox, VMware Workstation, Parallels Desktop, and KVM among others. As opposed to the type 1 hypervisors, they support virtual guest machines by coordinating CPU, network, memory and other calls from other resources via the operating system of the host. Some of the type 2 hypervisors that can fit in a flash drive of less than 16GB are Oracle Virtualbox and VMware Workstation.
VMware workstation supports Windows and Linux while Oracle VirtualBox supports the two mentioned operating systems together with OS X and Solaris. Kernel-based VMs supports Unix-like operating systems while Parallels Desktop supports Mac OS X. Investigations that involve VMs are not different from the normal investigations. In such investigations which incorporate the use of type 2 hypervisors, a forensic image is obtained from the host computer and the network logs (Steuart, Nelson & Phillips, 2009). Some of the forensic tools that can be loaded on the drive include Digital Forensic Framework, SIFT, CAINE Linux, The Sleuth Kit which works well with KVM and BlackLight.
There are various deterrents that should be considered before releasing a virtual machine to the consumer. Some of these precautions include evaluating some of the assets that require protection and coming up with an uncompromising security tactic. The vibrant nature of a company should also be merged in the security plan involved in the fortification of data and the software of the VM.
Both malicious and non-malicious threats to the software and data should be considered. Thereafter, the company should develop a security strategy that deals with the evasion of these potential harms to the software and the data. Some of the major threats include DDoS attacks (Distributed denial of service) and zero-day attacks (Steuart, Nelson & Phillips, 2009). These attacks have a high monetary impact on the software and data hence, the need for developing a security strategy to deal with such attacks.