Skip to main content

Microsoft Research Audio 104743: Virtual machines: the ultimate tool for computer forensics

Item Preview

There Is No Preview Available For This Item

This item does not appear to have any files that can be experienced on Archive.org.

Show all files

audio

Microsoft Research Audio 104743: Virtual machines: the ultimate tool for computer forensics

by
Microsoft Research

Publication date
Topics
Microsoft Research, Microsoft Research Audio MP3 Archive, Yi-Min Wang, Peter Chen,
Language
English

The field of computer forensics seeks to help investigators reconstruct what happened during a computer intrusion. Did an attacker break in, and if so, how? What havoc did the attacker wreak after breaking in? Tools that help investigators answer these types of questions are still quite primitive and are often hindered by incomplete or incorrect information. Virtual machines can enable more-powerful forensic analysis through techniques such as replaying a computer's instruction stream and introspecting on the state of a virtual machine. This talk describes how to provide and use virtual machine replay and introspection to enable arbitrary forensic analysis, enable reverse debugging of intrusions and bugs, and detect intrusions in the past and present through vulnerability-specific predicates.

©2005 Microsoft Corporation. All rights reserved.
Addeddate
2013-11-24 05:11:15
Boxid
OL100020314
Identifier
Microsoft_Research_Audio_104743
Run time
01:01:12
Year
2005

plus-circle Add Review
comment
Reviews

There are no reviews yet. Be the first one to write a review.

6 Views

DOWNLOAD OPTIONS

download 1 file
ITEM TILE download
download 4 Files
download 4 Original
SHOW ALL

IN COLLECTIONS

Microsoft Research Audio
Podcasts Mirror

Uploaded by chris85 on

SIMILAR ITEMS (based on metadata)

Terms of Service (last updated 12/31/2014)