Forensic analysis on QEMU

Chandra Shekar, N.; Bhukya, Wilson Naik

Forensic analysis on QEMU

Date

2011-12-26

Authors

Chandra Shekar, N.

Bhukya, Wilson Naik

Abstract

QEMU is a generic and open source machine emulator and virtualizer. Snapshots in Qemu are stored inside the image itself where the guest OS is installed. Patches have been submitted for qemu to store the snapshot file in the home directory. In this paper we have explained the modifications done to the qemu source code by which snapshots can be stored in the user specific location in the computer for forensic analysis. In this paper we also discussed about snapshot comparisons. © 2011 Springer-Verlag.

Keywords

emulator, Qemu, snapshots, virtual machines

Citation

Communications in Computer and Information Science. v.250 CCIS

URI

10.1007/978-3-642-25734-6_138
http://link.springer.com/10.1007/978-3-642-25734-6_138
https://dspace.uohyd.ac.in/handle/1/8441

Collections

Computer and Information Sciences - Publications

Full item page