Digital forensics in private Seafile cloud storage from both client and server side

Sistem penyimpanan melalui cloud memiliki banyak keunggulan, seperti kemampuan akses dari lokasi manapun serta kemudahan penyimpanan pencadangan file-file pada komputer dan smartphone. Terdapat banyak pilihan layanan penyimpanan melalui cloud, seperti Dropbox, Microsoft OneDrive, Google Drive, dan Box. Dari beberapa jenis layanan peyimpanan tersebut Box adalah satu-satunya layanan penyimpanan cloud yang mampu menjamin tingkat reliability uptime hingga 99.9%. Awalnnya, Box hanya ditujukan untuk kegiatan bisnis saja, namun sekarang Box dapat digunakan oleh pengguna secara umum. Selain memberikan pengaruh yang positif, pertumbuhan penggunaan teknologi layanan penyimpanan cloud juga telah memberikan peningkatan dalam peluang terjadinya kejahatan di dunia maya. Forensik digital merupakan solusi terbaru dalam mengamati keamanan sistem dan jaringan, sementara forensik bergerak adalah pengembangan forensic digital yang sepenuhnya difokuskan pada media smartphone. Forensik bergerak dapat dilakukan dalam dua sisi, yaitu server dan client. Studi kasus dalam penelitian ini berfokus pada penggunaan smartphone OS Android yang terinstal Box sebagai layanan penyimpanan cloud. Sedangkan tujuan utama dari penelitian ini adalah untuk menyediakan sebuah metode forensik bergerak untuk menemukan artefak pada smartphone Android yang telah terinstal dengan aplikasi Box.AbstractStoring files in a cloud has many advantages, such as the ability to access them from any location and to keep backups of those files on computers and smartphones. There are many choices for cloud storage services, such as Dropbox, Microsoft OneDrive, Google Drive, and Box. Of these, Box is the only cloud storage service that guarantees uptime reliability 99.99% of the time. At first, Box was intended for business use only, but now it is also freely available for public use. Growth in cloud storage technology use has also resulted in increased opportunities for cybercrime to take place. Digital forensics is the latest solution for system and network security observers, while mobile forensics is a development of digital forensics that is fully focused on smartphone media. Mobile forensics can be performed on both the server and client sides. In this research, mobile forensics was performed on the client side. The case study in this paper focused on an Android operating system (OS) smartphone using Box cloud storage. The purpose of this study was to provide a mobile forensics method for finding artifacts on smartphones that have a Box application installed.

Download Full-text

Locked Deduplication of Encrypted Data to Counter Identification Attacks in Cloud Storage Platforms

Energies ◽

10.3390/en13112742 ◽

2020 ◽

Vol 13 (11) ◽

pp. 2742

Author(s):

Taek-Young Youn ◽

Nam-Su Jho ◽

Keonwoo Kim ◽

Ku-Young Chang ◽

Ki-Woong Park

Keyword(s):

Cloud Storage ◽

Storage Management ◽

Communication Overhead ◽

Or Efficiency ◽

Encrypted Data ◽

Server Side ◽

Efficient Storage ◽

Data Owner ◽

Client Side ◽

First Time

Deduplication of encrypted data is a significant function for both the privacy of stored data and efficient storage management. Several deduplication techniques have been designed to provide improved security or efficiency. In this study, we focus on the client-side deduplication technique, which has more advantages than the server-side deduplication technique, particularly in communication overhead, owing to conditional data transmissions. From a security perspective, poison, dictionary, and identification attacks are considered as threats against client-side deduplication. Unfortunately, in contrast to other attacks, identification attacks and the corresponding countermeasures have not been studied in depth. In identification attacks, an adversary tries to identify the existence of a specific file. Identification attacks should be countered because adversaries can use the attacks to break the privacy of the data owner. Therefore, in the literature, some counter-based countermeasures have been proposed as temporary remedies for such attacks. In this paper, we present an analysis of the security features of deduplication techniques against identification attacks and show that the lack of security of the techniques can be eliminated by providing uncertainness to the conditional responses in the deduplication protocol, which are based on the existence of files. We also present a concrete countermeasure, called the time-locked deduplication technique, which can provide uncertainness to the conditional responses by withholding the operation of the deduplication functionality until a predefined time. An additional cost for locking is incurred only when the file to be stored does not already exist in the server’s storage. Therefore, our technique can improve the security of client-side deduplication against identification attacks at almost the same cost as existing techniques, except in the case of files uploaded for the first time.

Download Full-text

Digital Forensics Study of a Cloud Storage Client: A Dropbox Artifact Analysis

CommIT (Communication and Information Technology) Journal ◽

10.21512/commit.v13i2.5781 ◽

2019 ◽

Vol 13 (2) ◽

Author(s):

Gandeva Bayu Satrya

Keyword(s):

Privacy Protection ◽

Cloud Storage ◽

Digital Forensics ◽

Rapid Development ◽

User Privacy ◽

Criminal Cases ◽

Storage Server ◽

Artifact Analysis ◽

Multiple Devices ◽

Client Side

The rapid development of cloud storage technology paired with the prevalence of smartphone usage presents wide-ranging challenges for digital forensics practitioners. Data are more easily uploaded and shared between multiple devices and across multiple platforms. So, it has increased the opportunities for criminality. Criminality undertaken in cloud computing can be directly seen on logs stored on the cloud storage server, which records user activity. However, because of user privacy protection, these logs cannot be easily used as evidence in court. This issue emphasizes the need for a reliable means of identifying, acquiring, and preserving evidential data from the client-side. This study identifies the data artifacts of a user accessing Dropbox via smartphone (Android Lollipop and Android Nougat). The data are from performing several common activities such as installing, signing up, uploading, downloading, sharing, and others. About 14 artifacts are identified by documenting the Dropbox client database changing contents as these activities are carried out. This study increases knowledge of the artifacts that are leftover by Dropbox client on Android smartphones. The results propose that these methods can be used by digital forensics investigators in carrying out investigations and cyberlaw practitioners as guidance in criminal cases.

Download Full-text

OVERCOMING ISSUES OF THE CLOUD STORAGE SECURITY USING VIRTUALIZING RAM AND SERVER SIDE FLASH MEMORY

International Journal of Advanced Research in Computer Science ◽

10.26483/ijarcs.v8i9.5041 ◽

2017 ◽

Vol 8 (9) ◽

pp. 492-495

Author(s):

Vijyendra Karpatne ◽

Keyword(s):

Flash Memory ◽

Cloud Storage ◽

Storage Security ◽

Server Side

Download Full-text

Techniques used to formulate confidential data by means of fragmentation and hybrid encryption

International Research Journal of Management IT and Social Sciences ◽

10.21744/irjmis.v6n6.766 ◽

2019 ◽

Vol 6 (6) ◽

pp. 68-86

Author(s):

Olly Beckham ◽

Gord Oldman ◽

Julie Karrie ◽

Dorth Craig

Keyword(s):

Cloud Computing ◽

Cloud Storage ◽

Service Providers ◽

Cloud Service ◽

Secure Computation ◽

Hybrid Encryption ◽

Server Side ◽

Novel Technology ◽

Confidential Data ◽

Client Side

Cloud computing is a concept shifting in the approach how computing resources are deployed and purchased. Even though the cloud has a capable, elastic, and consistent design, several security concerns restrain customers to completely accept this novel technology and move from traditional computing to cloud computing. In the article, we aspire to present a form of a novel architectural model for offering protection to numerous cloud service providers with the intention to devise and extend security means for cloud computing. In this work, we presented a two-tier architecture for security in multi-clouds; one at the client side, and other at the server side. The article presented a security domination outline for multi-clouds and supports security needs like Confidentiality, Integrity, Availability, Authorization, and Non-repudiation for cloud storage. Through this document we have anticipated, HBDaSeC, a secure-computation protocol to ease the challenges of enforcing the protection of data for information security in the cloud.

Download Full-text

Three factor authentication system with modified ECC based secured data transfer: untrusted cloud environment

Complex & Intelligent Systems ◽

10.1007/s40747-021-00305-0 ◽

2021 ◽

Author(s):

Dilip Venkata Kumar Vengala ◽

D. Kavitha ◽

A. P. Siva Kumar

Keyword(s):

Cloud Storage ◽

Data Transfer ◽

Security Threats ◽

Cloud Environment ◽

Server Side ◽

Cloud Server ◽

Authentication System ◽

Secured Data ◽

Compressed Data ◽

Cloud Storage Services

AbstractCloud computing (CC) is a technology that delivers its service by means of the internet. In the modern scenario, cloud storage services have gained attention. The cloud environment confronts data breaches expansively in cloud storage, which might bring about the disclosure of personal in addition to corporate data. Thus, the requirement arises for the creation of a more foremost authentication system. Customary authentication schemes depend on techniques, like Password Authentications Protocol (PAP), Challenge Handshakes Authentication Protocols (CHAP), as well as One-Time Pads (OTP), which are often susceptible to malevolent attacks as well as security threats. To shun such issues, this paper proposed a Modified ECC centred secure data transfer and a ‘3’-factor authentication scheme in the untrusted cloud environment. The proposed work comprises ‘3’ steps: authentication, data compression, and safe data transfer. In the authentication phase, the SHA-512 algorithm along with CCP is utilized. After that, the user-uploaded data is compressed utilizing CHA on the server-side. Next, MECC encrypts the compressed data, and then, safely uploaded it to the cloud server (CS). In the investigational appraisal, the proposed work is contrasted with the prevailing methods. The outcomes proved that the proposed work renders better security than the prevailing methods.

Download Full-text

Digital Forensics: la prospettiva di un informatico

SICUREZZA E SCIENZE SOCIALI ◽

10.3280/siss2017-003010 ◽

2018 ◽

pp. 110-126

Author(s):

Alessando Amoroso

Keyword(s):

Digital Forensics

Download Full-text