A virtual integrated networks emulator on XEN (viNEX)
Network research experiments have traditionally been conducted in emulated or
simulated environments. Emulators are frequently deployed on physical networks.
Network simulators provide a self-contained and simple environment that can be
hosted on one host. Simulators provide a synthetic environment that is only an
approximation of the real world and therefore the results might not be a true
reflection of reality.
Recent progress in virtualisation technologies enables the deployment of multiple
interconnected, virtual hosts on one machine. Virtual hosts run real network
protocol stacks and therefore provide an emulated environment on a single host.
The first objective of this dissertation is to build a network emulator (viNEX)
using a virtualisation platform (XEN). The second objective is to evaluate whether
viNEX can be used to conduct some network research experiments. Thirdly, some
limitations of this approach are identified.
Computing
M. Sc. (Computer Science)
Simulating Windows-Based Cyber Attacks Using Live Virtual Machine Introspection
Static memory analysis has been proven a valuable technique for digital forensics. However, the memory capture technique halts the system, causing the loss of important dynamic system data. As a result, live analysis techniques have emerged to complement static analysis. In this paper, a compiled memory analysis tool for virtualization (CMAT-V) is presented as a virtual machine introspection (VMI) utility to conduct live analysis during simulated cyber attacks. CMAT-V leverages static memory dump analysis techniques to provide live system state awareness. CMAT-V parses an arbitrary memory dump from a simulated guest operating system (OS) to extract user information, network usage, active process information and registry files. Unlike some VMI applications, CMAT-V bridges the semantic gap using derivation techniques. This provides increased operating system compatibility for current and future operating systems. This research demonstrates the usefulness of CMAT-V as a situational awareness tool during simulated cyber attacks and measures the overall performance of CMAT-V.