Abstract
A conceptual intelligent framework for securing Cloud Forensic Readiness framework for a proactive collection of potential digital evidence from the Cloud and enhancing trust in chain-of-custody is presented in this paper. The complexities of Cloud technology including multitenancy and inter-jurisdictional spanning are making forensic investigation on Cloud storage difficult. The immensity of the Cloud data makes it difficult to be thoroughly searched as required for forensic investigation. Securing the integrity of digital evidence in the hands of its custodians is also important. These problems and other challenges peculiar to the Cloud call for effective solutions. Forensic readiness is used to maximize the ability to collect digital evidence and minimize the cost of forensic during an incident response investigation. Researchers have proposed different solutions to improve forensic readiness systems and make them suitable for their purposes. Preventing digital evidence in a forensic readiness system from being corrupted by its custodians is found to be open to research. A blockchain solution with crypto hash security for collaborative mutual authentication of the proactively collected data is proposed in this work. It uses the elliptic curve cryptography algorithms for verification of the custodians of data and authentication of the digital evidence integrity. The solution will adequately mitigate sharp practices from the digital evidence custodian who may want to compromise it, and also enhance the admissibility of the digital evidence in court by ensuring an acceptable standard for its collection.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Smolucha, K., Counsil, T.: Genealogical trends in solving cold cases: an investigation into genealogical trends in solving cold cases: an investigation into the merits and concerns with new cold-case lead development the merits and concerns with new cold-case lead development. Midwest Soc. Sci. J. 22(1), 17 (2019)
Sachowski, J.: Implementing digital forensic readiness from reactive to proactive process. In: Implementing Digital Forensic Readiness, 2nd edn., pp. 33487–2742, 2–17. CRC Press, Taylor & Francis Group, Boca Raton, FL (2019)
Alsadhan, A.F., Alhussein, M.A.: Deleted data attribution in cloud computing platforms. In: 2018 1st International Conference on Computer Applications & Information Security (ICCAIS), pp. 1–6 (2018). https://doi.org/10.1109/CAIS.2018.8441961
Tiwari, P.K., Joshi, S.: Data security for software as a service. In: Khosrow-Pour, M., Clarke, S., Jennex, M.E., Becker, A., Anttiroiko, A.-V. (eds.) Web-Based Services: Concepts, Methodologies, Tools and Applications, IGI Global, pp. 864–880 (2016)
Lillis, D., Becker, B., O’Sullivan, T., Scanlon, M.: Current challenges and future research areas for digital forensic investigation, April 2016. http://arxiv.org/abs/1604.03850. Accessed: 21 Feb 2019
Casey, E.: Digital Evidence and Computer Crime Forensic Science, Computers and the Internet, 3rd edn. Academic Press (Elsevier), Waltham (2011)
Hewling, M.O.: Digital forensics: an integrated approach for the investigation of cyber/computer related crimes name: Moniphia Orlease Hewling. University of Bedfordshire (2013)
Aji, M.P., Riadi, I., Lutfhi, A.: The digital forensic analysis of snapchat application using XML records. J. Theor. Appl. Inf. Technol. 95(19), 4992–5002 (2017)
Park, S., Kim, Y., Park, G., Na, O., Chang, H.: Research on digital forensic readiness design in a cloud computing-based smart work environment. Sustainability 10(1203), 1–24 (2018). https://doi.org/10.3390/su10041203
Samy, G.N., et al.: Proposed proactive digital forensic approach for cloud computing environment. Int. J. Eng. Technol. 7(4), 12–15 (2018). https://doi.org/10.14419/ijet.v7i4.15.21362
Du, X., Le-Khac, N.A., Scanlon, M.: Evaluation of digital forensic process models with respect to digital forensics as a service. In: European Conference on Information Warfare and Security, ECCWS, 2017, pp. 573–581. https://arxiv.org/ftp/arxiv/papers/1708/1708.01730.pdf
Yassin, W., Faizal Abdollah, M., Ahmad, R., Yunos, Z., Ariffin, A.: Cloud forensic challenges and recommendations: a review. J. Cyber Secur. 2(1), 19–29 (2020). https://www.oic-cert.org/en/journal/vol-2-issue-1/cloud-forensic-challenges-and-recommenda.html. Accessed 19 Apr 2020
Daryabar, F., Dehghantanha, A., Choo, K.-K.R.: Cloud storage forensics: MEGA as a case study. Aust. J. Forensic Sci. 49(3), 344–357 (2017). https://doi.org/10.1080/00450618.2016.1153714
Freiling, F., Hösch, L.: Controlled experiments in digital evidence tampering. In: DFRWS 2018 EU - Proceedings of the 5th Annual DFRWS Europe, vol. 24, pp. S83–S92 (2018). https://doi.org/10.1016/j.diin.2018.01.011
Schneider, J., Wolf, J., Freiling, F.: Tampering with digital evidence is hard: the case of main memory images. Digit. Investig. 32, S1–S9 (2020). https://doi.org/10.1016/j.fsidi.2020.300924
Decker, C., Wattenhofer, R.: Bitcoin transaction malleability and MtGox. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8713, pp. 313–326. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11212-1_18
People v. Nunez, 2019 NY Slip Op 50735. Appellate Term. 2nd Dept. 2019 - Google Scholar (2019)
People v. Ely, 68 NY 2d 520 - NY: Court of Appeals 1986 - Google Scholar (1986)
Pichan, A., Lazarescu, M., Soh, S.T.: Cloud forensics: technical challenges, solutions and comparative analysis. Digit. Investig. 13, 38–57 (2015). https://doi.org/10.1016/j.diin.2015.03.002
Tan, J.: Forensic Readiness. Cambridge (2001). http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.644.9645&rep=rep1&type=pdf
Saiman, N.H., Din, M.M.: A generic digital forensic business model: Malaysia as case study. Int. J. Innov. Comput. 8(1), 21–26 (2018)
Kebande, V.R., et al.: Towards an integrated digital forensic investigation framework for an IoT-based ecosystem. In: Proceedings - 2018 IEEE International Conference on Smart Internet of Things, SmartIoT 2018, pp. 93–98 (2018). https://doi.org/10.1109/SmartIoT.2018.00-19
Hirano, M., Tsuzuki, N., Ikeda, S., Kobayashi, R.: LogDrive: a proactive data collection and analysis framework for time-traveling forensic investigation in IaaS cloud environments. J. Cloud Comput. 7(1), 1–25 (2018). https://doi.org/10.1186/s13677-018-0119-2
Zawoad, S., Dutta, A.K., Hasan, R.: SecLaaS: secure logging-as-a-service for cloud forensics. In: ASIA CCS 2013 – Proceedings of the 8th ACM SIGSAC Symposium on Information, Computer and Communications Security, pp. 219–230 (2013). https://doi.org/10.1145/2484313.2484342
Masvosvere, D.J.E., Venter, H.S.: Using a standard approach to the design of next generation e-supply chain digital forensic readiness systems. SAIEE Africa Res. J. 107(2), 104–120 (2016). https://doi.org/10.23919/SAIEE.2016.8531546
Zhang, Y., Lin, X., Xu, C.: Lockchain-based secure data provenance for cloud storage. In: Naccache, D. et al. (eds.) Information and Communications Security, ICICS 2018. LNCS, vol. 11149, pp. 3–19. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-01950-1_1
Alenezi, A., Hussein, R.K., Walters, R.J., Wills, G.B.: A framework for cloud forensic readiness in organizations. In: 2017 5th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud), pp. 199–204 (2017). https://doi.org/10.1109/MobileCloud.2017.12
Serketzis, N., Katos, V., Ilioudis, C., Baltatzis, D., Pangalos, G.: Improving forensic triage efficiency through cyber threat intelligence. Fut. Internet 11(7), 162 (2019). https://doi.org/10.3390/fi1107016
Khalique, A., Singh, K., Sood, S.: Implementation of elliptic curve digital signature algorithm. Int. J. Comput. Appl. 2(2), 21–27 (2010). https://doi.org/10.5120/631-876
Johnson, D., Menezes, A., Vanstone, S.: The elliptic curve digital signature algorithm (ECDSA). Int. J. Inf. Secur. 1(1), 36–63 (2001). https://doi.org/10.1007/s102070100002
Chatterjee, S., Samaddar, S.G.: ECC based remote mutual authentication scheme for resource constrained client in cloud. In: Mandal, J.K., Mukhopadhyay, S., Dutta, P., Dasgupta, K. (eds.) CICBA 2018. CCIS, vol. 1031, pp. 374–387. Springer, Singapore (2019). https://doi.org/10.1007/978-981-13-8581-0_30
Al-Zubaidie, M., Zhang, Z., Zhang, J.: Efficient and secure ECDSA algorithm and its applications: a survey. Int. J. Commun. Netw. Inf. Secur. 11(1), 7–35 (2019). http://arxiv.org/abs/1902.10313. Accessed 27 Dec 2019
Salah, K., Khan, M.: IoT security : review , blockchain solutions , and open challenges. Fut. Gene. Comput. Syst. 82, 395–411 (2017). https://doi.org/10.1016/j.future.2017.11.022
Bryndin, E.: Artificial intelligence by ensembles of virtual agents on technological platforms. COJ Tech. Sci. Res. 2(4), 1–8 (2020). https://doi.org/10.11648/j.acis.20200801.11
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 Springer Nature Switzerland AG
About this paper
Cite this paper
Salami, O.W., Abdulrazaq, M.B., Adedokun, E.A., Yahaya, B. (2022). Collaborative Integrity Verification for Blockchain-Based Cloud Forensic Readiness Data Protection. In: Misra, S., Oluranti, J., Damaševičius, R., Maskeliunas, R. (eds) Informatics and Intelligent Applications. ICIIA 2021. Communications in Computer and Information Science, vol 1547. Springer, Cham. https://doi.org/10.1007/978-3-030-95630-1_10
Download citation
DOI: https://doi.org/10.1007/978-3-030-95630-1_10
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-95629-5
Online ISBN: 978-3-030-95630-1
eBook Packages: Computer ScienceComputer Science (R0)