Information Fusion-Based Digital Forensics Framework in Cloud Environment

2020 ◽  
Author(s):  
Liwen Peng ◽  
Jing Luo ◽  
Jin Li
Keyword(s):  
Information Fusion ◽  
Digital Forensics ◽  
Cloud Environment

Hard Clues in Soft Environments

2016 ◽  
pp. 112-138
Author(s):  
Andrea Atzeni ◽  
Paolo Smiraglia ◽  
Andrea Siringo
Keyword(s):  
Digital Forensics ◽  
Cloud Environment ◽  
Open Problems ◽  
Future Directions ◽  
Cloud Technology ◽  
Cloud Forensics ◽  
Security Issues

Cloud forensics is an open and important area of research due to the growing interest in cloud technology. The increasing frequency of digital investigations brings with it the need for studying specific scenarios in the area of forensics, both when evidence are inside the cloud and when the cloud can be used as platform to perform the investigations. In this chapter we highlight the problems digital forensics must deal with in the Cloud. We introduce historical roots of digital forensics, as well as an overall background about the Cloud and we provide possible meanings of cloud forensics, based on available definitions. Since the cloud introduces different architectural paradigm that affects all the phases of a forensics investigation, in this survey we detail many security issues digital forensics have to face in a cloud environment. We describe when and what available solutions exist and, on the contrary, the still open problems, and we discuss possible future directions in this field.

Cloud Computing Forensics

2015 ◽  
pp. 323-331
Author(s):  
Mario A. Garcia
Keyword(s):  
Cloud Computing ◽  
Digital Media ◽  
Digital Forensics ◽  
Forensic Analysis ◽  
Cloud Environment ◽  
Malicious Activity ◽  
Cloud Application ◽  
Chain Of Custody ◽  
A Chain ◽  
A Company

As computer technology evolved over the last 30 years, so did the opportunity to use computers to break the law. Out of necessity, digital forensics was birthed. Computer forensics is the practice of extracting information from the digital media in order to prosecute the individuals that carried out the crime. Forensic challenges presented by cloud computing are vast and complex. If a company becomes the target of a digital criminal investigation and they are using cloud computing, some unique challenges are faced by a digital forensics examiner. The data in the cloud only represents a “snapshot” of when it was sent to the cloud. Establishing a chain of custody for the data would become difficult or impossible if its integrity and authenticity cannot be fully determined. There are also potential forensic issues when the customer or user exits a cloud application. Items subject to forensic analysis, such as registry entries, temporary files, and other artifacts are lost, making malicious activity difficult to prove. The challenges of applying forensics to a cloud environment are tied to cloud security. This chapter discusses securing a cloud environment and how that would help with the forensic analysis.

scholarly journals On Big Data Forensic - A Case For Forensic Cloud Environment

2020 ◽  
Author(s):  
Oteng Tabona ◽  
Thabiso Maupong ◽  
Kopo Ramokapane ◽  
Thabo Semong ◽  
Banyatsang Mphago
Keyword(s):  
Big Data ◽  
Digital Forensics ◽  
Electronic Devices ◽  
Cloud Environment ◽  
High Rise ◽  
Significant Challenge ◽  
Cyber Crimes ◽  
Definition Of ◽  
Huge Challenge ◽  
Data Forensics

Abstract Background The high rise in electronic devices in modern-day society has resulted in crimes in cyber-related crimes as criminals resort to hacking, illegal use of these devices. This is primarily due to perceived high rewards and low chances of being apprehended. The rise in cyber crimes poses a significant challenge to forensic investigators as now they have to process huge volumes of data from a variety of sources within a limited time. This results in investigators taking longer to process cases and in some instances missing links as they deal with data from a variety of sources. Findings In this paper, we provide a definition of big data forensics, and then we discuss the challenges associated with digital forensics investigations when dealing with big data. We provide details on how volume, variety, and velocity all pose a huge challenge in digital forensics investigations. We then discuss how a novel solution called Forensic Cloud Environment (FCE) leverages the power of Hadoop, HBase, and MapReduce to provide a solution for big data forensic challenges. Conclusion In conclusion, the fact that FCE provides an environment to store huge volumes of data from a variety of sources allows for an improved processing time of data. Hence, providing an environment for big data forensics for the future.

Cloud Computing Forensics

2014 ◽  
pp. 170-178
Author(s):  
Mario A. Garcia
Keyword(s):  
Cloud Computing ◽  
Digital Media ◽  
Digital Forensics ◽  
Forensic Analysis ◽  
Cloud Environment ◽  
Malicious Activity ◽  
Cloud Application ◽  
Chain Of Custody ◽  
A Chain ◽  
A Company

As computer technology evolved over the last 30 years, so did the opportunity to use computers to break the law. Out of necessity, digital forensics was birthed. Computer forensics is the practice of extracting information from the digital media in order to prosecute the individuals that carried out the crime. Forensic challenges presented by cloud computing are vast and complex. If a company becomes the target of a digital criminal investigation and they are using cloud computing, some unique challenges are faced by a digital forensics examiner. The data in the cloud only represents a “snapshot” of when it was sent to the cloud. Establishing a chain of custody for the data would become difficult or impossible if its integrity and authenticity cannot be fully determined. There are also potential forensic issues when the customer or user exits a cloud application. Items subject to forensic analysis, such as registry entries, temporary files, and other artifacts are lost, making malicious activity difficult to prove. The challenges of applying forensics to a cloud environment are tied to cloud security. This chapter discusses securing a cloud environment and how that would help with the forensic analysis.

scholarly journals Cloud Forensics : Isolating Cloud Instance

2017 ◽  
Vol 3 (2) ◽  
pp. 10
Author(s):  
Mariam J. AlKandari ◽  
Huda F. Al Rasheedi ◽  
Ayed A. Salman
Keyword(s):  
Cloud Computing ◽  
Digital Forensics ◽  
File System ◽  
File Systems ◽  
Distributed File System ◽  
Cloud Environment ◽  
Apache Hadoop ◽  
Cloud Forensics ◽  
Hadoop Distributed File System ◽  
Do So

Abstract—Cloud computing has been the trending model for storing, accessing and modifying the data over the Internet in the recent years. Rising use of the cloud has generated a new concept related to the cloud which is cloud forensics. Cloud forensics can be defined as investigating for evidence over the cloud, so it can be viewed as a combination of both cloud computing and digital forensics. Many issues of applying forensics in the cloud have been addressed. Isolating the location of the incident has become an essential part of forensic process. This is done to ensure that evidence will not be modified or changed.  Isolating an instant in the cloud computing has become even more challenging, due to the nature of the cloud environment. In the cloud, the same storage or virtual machine have been used by many users. Hence, the evidence is most likely will be overwritten and lost. The proposed solution in this paper is to isolate a cloud instance. This can be achieved by marking the instant that reside in the servers as "Under Investigation". To do so, cloud file system must be studied. One of the well-known file systems used in the cloud is Apache Hadoop Distributed File System (HDFS). Thus, in this paper the methodology used for isolating a cloud instance would be based on the HDFS architecture. Keywords: cloud computing; digital forensics; cloud forensics

Hard Clues in Soft Environments

2015 ◽  
pp. 258-284
Author(s):  
Andrea Atzeni ◽  
Paolo Smiraglia ◽  
Andrea Siringo
Keyword(s):  
Digital Forensics ◽  
Cloud Environment ◽  
Open Problems ◽  
Future Directions ◽  
Cloud Technology ◽  
Cloud Forensics ◽  
Security Issues

Cloud forensics is an open and important area of research due to the growing interest in cloud technology. The increasing frequency of digital investigations brings with it the need for studying specific scenarios in the area of forensics, both when evidence are inside the cloud and when the cloud can be used as platform to perform the investigations. In this chapter we highlight the problems digital forensics must deal with in the Cloud. We introduce historical roots of digital forensics, as well as an overall background about the Cloud and we provide possible meanings of cloud forensics, based on available definitions. Since the cloud introduces different architectural paradigm that affects all the phases of a forensics investigation, in this survey we detail many security issues digital forensics have to face in a cloud environment. We describe when and what available solutions exist and, on the contrary, the still open problems, and we discuss possible future directions in this field.

Sign in / Sign up

Export Citation Format

Share Document