Abstract
Traditionally, scaling resources to meet the highly dynamic needs of consumers has been a challenge for organizations. Cost, maintenance overheads, and availability issues must be considered alongside it. A scientific solution that takes all of these into account is cloud computing. Moreover, recent advancements in the cloud have also attracted many small and medium-scale enterprises. However, the extent of security and privacy provided to the tenant’s data is neither apparent nor proper. Contemporary attacks on the cloud strengthen this argument. A reactive approach to handling an incident that has occurred in the cloud is to perform forensics. But the domain of cloud forensics is still in its infancy. In mid-2014, the National Institute of Standards and Technology (NIST) released a draft that lists various legal, organizational, architectural, and technical challenges to performing forensics in the cloud environment. In this paper, our focus is on one of the technical challenges, namely Event Reconstruction. We consider cloud virtual machine artifacts to achieve this.
Copyright information
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Kumar Raju, B.K.S.P., Geethakumari, G. (2018). Timeline-Based Cloud Event Reconstruction Framework for Virtual Machine Artifacts. In: Sa, P., Sahoo, M., Murugappan, M., Wu, Y., Majhi, B. (eds) Progress in Intelligent Computing Techniques: Theory, Practice, and Applications. Advances in Intelligent Systems and Computing, vol 719. Springer, Singapore. https://doi.org/10.1007/978-981-10-3376-6_4
DOI: https://doi.org/10.1007/978-981-10-3376-6_4
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-3375-9
Online ISBN: 978-981-10-3376-6
eBook Packages: Engineering, Engineering (R0)