An Experimental Survey Towards Engaging Trustable Hypervisor Log Evidence Within a Cloud Forensic Environment
In this paper, the author explores the technical as well as high level conceptual trust issues that arise in acquiring log forensic evidence from the Virtual Machine (VM) hosted operating systems within the data clouds. This specific survey work is done at the University of TECHnology [UTECH], Jamaica, which currently functions as its own independent private data cloud provider. The data acquisition is particular to the hypervisor system logs that can be used to track VM incidences which are later used to compile potential evidence for a cloud investigation. This paper also presents a model to show the layers of virtualization trust that can arguably be used to support the collection of such log evidence.