Forensic analysis of container checkpoints
- Mentors
- Adrian Reber, Radostin Stoyanov
- Organization
- CRIU
- Technologies
- golang
- Topics
- linux, Containerization, CRIU, Memory forensic
The goal of this proposal is to address the challenge of investigating the contents of containerized applications, which run in isolation from the host operating system. The proposed solution is to extend go-crit with forensic analysis features to improve its usability in analyzing container checkpoints. Then the new features of go-crit will be used to enhance checkpointctl's user-friendliness when performing forensic analysis of container checkpoints.
The deliverables of this project will include the following:
- An updated version of go-crit with forensic analysis features, which will allow other tools written in Go to perform forensic analysis of container checkpoints more easily.
- An updated version of checkpointctl CLI with new command designed for forensic analysis of container checkpoints.