Timeline-Based Cloud Event Reconstruction Framework for Virtual Machine Artifacts

  • Conference paper
Progress in Intelligent Computing Techniques: Theory, Practice, and Applications

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 719)

Abstract

Traditionally, scaling resources to meet the highly dynamic needs of consumers has been a challenge for organizations. Cost, maintenance overheads, and availability issues must be considered alongside it. A scientific solution that takes all of these into account is cloud computing. Moreover, recent advancements in cloud computing have also attracted many small and medium-scale enterprises. However, the extent of security and privacy provided to the tenant’s data is neither apparent nor adequate. Contemporary attacks on the cloud strengthen this argument. A reactive approach to handling an incident that has occurred in the cloud is to perform forensics. However, the domain of cloud forensics is still in its infancy. In mid-2014, the National Institute of Standards and Technology (NIST) released a draft that lists various legal, organizational, architectural, and technical challenges to performing forensics in the cloud environment. In this paper, we focus on one of the technical challenges, namely event reconstruction. We use cloud virtual machine artifacts to achieve this.

Corresponding author

Correspondence to B. K. S. P. Kumar Raju.

Copyright information

© 2018 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Kumar Raju, B.K.S.P., Geethakumari, G. (2018). Timeline-Based Cloud Event Reconstruction Framework for Virtual Machine Artifacts. In: Sa, P., Sahoo, M., Murugappan, M., Wu, Y., Majhi, B. (eds) Progress in Intelligent Computing Techniques: Theory, Practice, and Applications. Advances in Intelligent Systems and Computing, vol 719. Springer, Singapore. https://doi.org/10.1007/978-981-10-3376-6_4

  • DOI: https://doi.org/10.1007/978-981-10-3376-6_4

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-3375-9

  • Online ISBN: 978-981-10-3376-6

  • eBook Packages: Engineering, Engineering (R0)
