Proceedings Article, DOI: 10.1109/smartnets55823.2022.9994001
An Integrated Framework Implementation For Cloud Forensics Investigation Using Logging Tool
29 Nov 2022
2
TL;DR: In this paper, a forensic framework is suggested and implemented using Apache Spark to perform the analysis process of log data, which can be used to help digital investigators in their investigations, and the framework was also evaluated interactively using custom-built scenarios.
Abstract: Today, straightforward computer and network forensics techniques cannot achieve satisfactory performance for cloud forensics in conventional cloud-based systems. The complexity of cloud computing as well as crime incident reconstruction, cloud instance isolation, and data provenance, is the reason behind this. This study aims to support investigators and Cloud Service Providers (CSP) in understanding how to accomplish cyber forensic investigations in the cloud environment. In this research, a digital investigation procedure is recommended for use in analyzing large volumes of cloud data logs to support the reconstruction of criminal events' timelines in the cloud instance. A forensic framework is suggested and implemented using Apache Spark to perform the analysis process of log data. As such, data from cloud based committed during a particular time can be analyzed and extracted to help digital investigators in their investigations. The framework was also evaluated interactively using custom-built scenarios.
Citations
Forensics Investigation on Social Media Apps and Web Apps Messaging in Android Smartphone
Ruwa F. Abu Hweidi, Mahmoud Jazzar, Amna Eleyan, Tarek Bejaoui +3 more
- 25 Jul 2023
TL;DR: The study finds that logical acquisition cannot recover any data from Facebook or Instagram, but it can extract and analyze all data except text and contact files from WhatsApp and Telegram.
2
SATA M.2 on Forensics: Trim Function Effect on Recovering Permanently Deleted Files
Ruwa F. Abu Hweidi, Mahmoud Jazzar, Amna Eleyan, Tarek Bejaoui +3 more
- 25 Jul 2023
TL;DR: An experiment to recover permanently deleted files in SATA M.2 SSD memory when the Trim function is disabled and permitted with various forensic tools such as OSForensics, Autopsy, FTK and AXIOM finds that 0% of files are recovered when the Trim function is enabled and 100% of files can be recovered if the Trim function is disabled.
References
Cloud Computing: The impact on digital forensic investigations
Stephen Biggs, Stilianos Vidalis +1 more
- 09 Nov 2009
TL;DR: This paper will outline the tasks that the authors undertook for the CLOIDIFIN project and highlight where the impact of CC will diversely affect digital forensic investigations.
148
Introducing the trusted virtual environment module: a new mechanism for rooting trust in cloud computing
F. John Krautheim, Dhananjay S. Phatak, Alan T. Sherman +2 more
- 21 Jun 2010
TL;DR: The TVEM is a software appliance that provides enhanced features for cloud virtual environments over existing Trusted Platform Module virtualization techniques, which includes an improved application program interface, cryptographic algorithm flexibility, and a configurable modular architecture.
99
Understanding issues in cloud forensics: two hypothetical case studies
Josiah Dykstra, Alan T. Sherman +1 more
- 25 May 2011
TL;DR: Significant challenges with cloud forensics, including forensic acquisition, evidence preservation and chain of custody, are described, and open problems for continued research.
Amazon Cloud Drive forensic analysis
TL;DR: Methods available to a forensic examiner that can be used to determine file transfers that occurred to and from an Amazon Cloud Drive on a computer, as well as retrieving relevant Cloud Drive artifacts from unallocated space, are discussed in this paper.
84
Overcast: Forensic Discovery in Cloud Environments
Stephen D. Wolthusen
- 15 Sep 2009
TL;DR: Some of the challenges posed by the increasingly common use of highly distributed and complex systems in a number of environments are reviewed and a research agenda for investigations potentially spanning multiple jurisdictions, large numbers of distributed systems and services, and stretching out over extended periods of time is outlined.
74