Abstract
Cloud computing is a relatively new model in the computing world after several computing paradigms like personal, ubiquitous, grid, mobile, and utility computing. Cloud computing is synonymous with virtualization which is about creating virtual versions of the hardware platform, the Operating System or the storage devices. Virtualization poses challenges to implementation of security as well as cybercrime investigation in the cloud. Although several researchers have contributed in identifying digital forensic challenges and methods of performing digital forensic analysis in the cloud computing environment, we feel that the requirement of finding the most appropriate methods to evaluate the uncertainty in the digital evidence is a must. This paper emphasizes on the methods of finding and analyzing digital evidence in cloud computing environment with respect to the cloud user as well as the provider. We propose a heuristic model for performing digital forensics in the cloud environment.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Martini, B., Choo, K.-K.R.: Cloud storage forensics: ownCloud as a case study. Digital Investigation 10, 287–299 (2013)
http://www.clavister.com/Documents/resources/white-papers/clavister-whp-cloud-security-en.pdf (accessed April 25, 2014)
http://aws.amazon.com/security/security-bulletins/zeus-botnet-controller (accessed April 25, 2014)
Mell, P., Grance, T.: The NIST Definition of Cloud Computing - NIST Special Publication. 800-145 (September 2011)
Velte, T., Velte, A., Elsenpeter, R.: Cloud Computing, A Practical Approach. McGraw Hill Computing, New York (2009)
Open Source Private Cloud software, https://www.openstack.org
Open Source Private and Hybrid Cloud software, https://www.eucalyptus.com/eucalyptus-cloud/iaas
VMware Private Cloud Computing Solution, https://www.vmware.com/cloud-computing/private-cloud.html
Martini, B., Choo, K.-K.R.: An integrated conceptual digital forensic framework for cloud computing. Digital Investigation 9, 71–80 (2012)
Zawoad, S., Hasan, R.: Cloud Forensics: A Meta-Study of Challenges, Approaches, and Open Problems. arXiv:1302.6312v1[cs.DC] (February 26, 2013)
Federici, C.: AlmaNebula: A computer forensics framework for the Cloud. Procedia Computer Science 19, 139–146 (2013)
Quick, D., Choo, K.-K.R.: Digital droplets: Microsoft SkyDrive forensic data remnants. Future Generation Computer Systems 29, 1378–1394 (2013)
Roussev, V., Quates, C., Martell, R.: Real-time digital forensics and triage. Digital Investigation 10, 158–167 (2013)
Povar, D., Geethakumari, G.: Digital Evidence Detection in Virtual Environment for Cloud Computing. ACM Digital Library (2012), 978-1-4503-1822-8
Povar, D., Bhadran, V.K.: Forensic Data Carving. In: Baggili, I. (ed.) ICDF2C 2010. LNICST, vol. 53, pp. 137–148. Springer, Heidelberg (2011)
The Volatility Framework, https://code.google.com/p/volatility (accessed April 25, 2014)
Memory forensics, http://www.mandiant.com/resources/download/memoryze (accessed April 25, 2014)
Forensic Toolkit, http://www.accessdata.com/products/digital-forensics (accessed April 25, 2014)
EnCase Forensic v7.09, http://www.guidancesoftware.com/products/Pages/encase-forensic/overview.aspx?cmpid=nav (accessed April 25, 2014)
X-Ways Forensics, http://www.x-ways.net (accessed April 25, 2014)
CyberCheck, http://www.cyberforensics.in (accessed April 25, 2014)
Daryabar, F., Dehghantanha, A.: A Survey about Impacts of Cloud Computing on Digital Forensics. IJCSDF (2013)
Dykstra, J., Sherman, A.T.: Acquiring forensic evidence from infrastructure-as-a-service cloud computing: Exploring and evaluating tools, trust, and techniques. Digital Investigation 9, 590–598 (2012)
Wolthusen, S.D.: Overcast: Forensic Discovery in Cloud Environments. In: Fifth International Conference on IT Security Incident Management and IT Forensics. IEEE (2009), 978-0-7695-3807-5/09
Anti-forensic tool, http://www.dban.org
Povar, D., Geethakumari, G.: A Novel approach to Detect Cloud Virtual Machines hidden using Alternate Data Streams. In: International Multi Conference on Automation, Computing, Control, Communication and Compressed Sensing (iMac4s 2013). IEEE XPlore (2013)
Birk, D.: Technical Issues of Forensic Investigations in Cloud Computing Environments. In: Workshop on Cryptography and Security in Clouds (2011)
Marty, R.: Cloud Application Logging for Forensics. In: Proceedings of the ACM SAC (2011)
http://www.vmware.com/pdf/vsphere5/r55/vsphere-55-configuration-maximums.pdf
Ruan, K., et al.: Cloud forensics: An overview. IBM Tech. Journal (2010)
Garfinkel, S.L.: Digital forensics research: The next 10 years. Digital Investigation 7, 564–573 (2010)
http://www.forensicswiki.org (accessed April 25, 2014)
Brain Carrier: File System Forensic Analysis (2005)
http://www.theforensicacademy.com/Forensic.html (accessed April 25, 2014)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Povar, D., Geethakumari, G. (2014). A Heuristic Model for Performing Digital Forensics in Cloud Computing Environment. In: Mauri, J.L., Thampi, S.M., Rawat, D.B., Jin, D. (eds) Security in Computing and Communications. SSCC 2014. Communications in Computer and Information Science, vol 467. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-44966-0_33
Download citation
DOI: https://doi.org/10.1007/978-3-662-44966-0_33
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-662-44965-3
Online ISBN: 978-3-662-44966-0
eBook Packages: Computer ScienceComputer Science (R0)