Hiding in a virtual world: Using unconventionally installed operating systems

Author

Bares, Richard Arthur

Author_Institution

Univ. of Central Florida, Orlando, FL

fYear

2009

fDate

8-11 June 2009

Firstpage

276

Lastpage

284

Abstract

Necessity is the mother of invention, and necessity has produced many software and hardware tools in the realm of computer networking and security to overcome problems encountered in the private and public sector. Unconventionally installed operating systems including virtual machines, operating systems installed on removable media and external storage drives are some recent inventions. These tools have been very useful to network administrators, but they can also be used in ways not intended by their creators in an attempt to mask the activities of a user. This paper will attempt to evaluate the possibility of using these unconventionally installed operating systems in an attempt to hide one´s activities from conventional digital forensic tools. This evaluation will be conducted by repeating a series of tests inside a virtual environment, then overwriting the virtual environment flat file and having the host computer imaged and examined by forensic tools.

Keywords

operating systems (computers); security of data; software tools; virtual reality; computer networking; digital forensic tools; unconventionally installed operating systems; virtual environment; virtual machines; virtual world; Computer networks; Computer security; Digital forensics; Hardware; Law enforcement; Network servers; Operating systems; Software tools; Virtual environment; Virtual machining; Digital Forensics; VMWare; unconventionally installed operating systems;

fLanguage

English

Publisher

ieee

Conference_Titel

Intelligence and Security Informatics, 2009. ISI '09. IEEE International Conference on

Conference_Location

Dallas, TX

Print_ISBN

978-1-4244-4171-6

Electronic_ISBN

978-1-4244-4173-0

Type

conf

DOI

10.1109/ISI.2009.5137326

Filename

5137326