Skip to main content

Advanced Search

Projected result for your current search: 0

Search Operators:

You can use operators in your search query to narrow down your results even more. Click on the search operator to see an explanation of how it works.
Finds documents with exactly this word group, in exactly this word order and spelling (e.g. "employer branding").
Finds documents with both search terms (e.g. sales AND bonus).
Finds documents with one or the other search term (e.g. porsche OR volkswagen).
Finds documents with all search terms. Blank space is understood as AND (e.g. man robot production).
Finds documents with no appearance of the word behind NOT (e.g. ford NOT "harrison ford").
Finds documents where the search term is mentioned at least "n" times."n" may be any number (e.g. COUNT(gear)>8).
Finds documents with both search terms in any word order, permitting "n" words as a maximum distance between them. Best choose between 15 and 30 (e.g. NEAR(recruit, professionals, 20)).
Finds documents with the search term in word versions or composites. The asterisk * marks whether you wish them BEFORE, BEHIND, or BEFORE and BEHIND the search term (e.g. lightweight*, *lightweight, *lightweight*).
Finds documents with the search term in different spellings. "?" allows only one character (e.g. organi?ation).
Special characters are understood as AND (e.g. Miller Bros. & Sons).

Semantic Search

powered by (Link opens in a new window)
loading …
Log in
Top

WaybackVisor: Hypervisor-Based Scalable Live Forensic Architecture for Timeline Analysis

  • 2017
  • OriginalPaper
  • Chapter
Published in:
Authors
Manabu Hirano
Takuma Tsuzuki
Seishiro Ikeda
Naoga Taka
Kenji Fujiwara
Ryotaro Kobayashi
Published in
Security, Privacy, and Anonymity in Computation, Communication, and Storage
Publisher
Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

Current forensic investigations have to process a large amount of collected data in a limited time. Moreover, we need to ensure collected data are not compromised before seizing suspects’ computers. For protecting evidences on important computers, this paper proposes a lightweight hypervisor that supports proactive collection and preservation of I/O logs. The proposed WaybackVisor automatically transfers all I/O logs of ATA drives to a Hadoop cluster. Our experiment showed the prototype implementation of WaybackVisor achieves write throughput of 79.7 MB/s. This paper also demonstrates timeline analysis functions for the I/O logs on the Hadoop cluster. Finally, we compared the proposed WaybackVisor with similar lightweight hypervisors that support live forensics.

Already a customer? Then log in here to gain access.

Customer login

Not a customer yet? Then find out more about our access models now:

Individual Access

Start your personal individual access now. Get instant access to more than 164,000 books and 540 journals – including PDF downloads and new releases.

Starting from 54,00 € per month!    

Get access

Access for Businesses

Utilise Springer Professional in your company and provide your employees with sound specialist knowledge. Request information about corporate access now.

Find out how Springer Professional can uplift your work!

Contact us now

For explorers: Get to know our platforms better with a free registration.

Register for free
previous chapter Code Abstractions for Automatic Information Flow Control in a Model-Driven Approach
next chapter Cloud Ownership and Reliability – Issues and Developments
Title
WaybackVisor: Hypervisor-Based Scalable Live Forensic Architecture for Timeline Analysis
Authors
Manabu Hirano
Takuma Tsuzuki
Seishiro Ikeda
Naoga Taka
Kenji Fujiwara
Ryotaro Kobayashi
Copyright Year
2017
Book
Security, Privacy, and Anonymity in Computation, Communication, and Storage

Print ISBN: 978-3-319-72394-5

Electronic ISBN: 978-3-319-72395-2

Copyright Year: 2017

DOI
https://doi.org/10.1007/978-3-319-72395-2_21
This content is only visible if you are logged in and have the appropriate permissions.

Premium Partner

    Image Credits
    Neuer Inhalt/© ITandMEDIA, Nagarro GmbH/© Nagarro GmbH, AvePoint Deutschland GmbH/© AvePoint Deutschland GmbH, AFB Gemeinnützige GmbH/© AFB Gemeinnützige GmbH, USU GmbH/© USU GmbH, Ferrari electronic AG/© Ferrari electronic AG