Abstract
Sensitive organizational data are stored in cloud environments. To protect these data, forensic investigation of malicious events is needed. Investigating log records is especially useful, since the history of every transaction is stored in the cloud log. Cloud forensics requires identifying the attacked area, analyzing the level of the attack, and presenting the findings in a court of law. This paper proposes an expert system architecture for forensic intrusion monitoring, analysis, and evidence generation for cloud logs. A fuzzy data mining technique is proposed for forensic acquisition; it reduces the computational effort that would otherwise be incurred in processing the huge log to identify the attacked area. AI techniques are then used for training and analysis, which helps in identifying various anomalous attacks in the cloud environment. A comprehensible evidence format is also designed for presentation in a court of law.
Copyright information
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Santra, P., Roy, P., Hazra, D., Mahata, P. (2018). Fuzzy Data Mining-Based Framework for Forensic Analysis and Evidence Generation in Cloud Environment. In: Perez, G., Tiwari, S., Trivedi, M., Mishra, K. (eds) Ambient Communications and Computer Systems. Advances in Intelligent Systems and Computing, vol 696. Springer, Singapore. https://doi.org/10.1007/978-981-10-7386-1_10
DOI: https://doi.org/10.1007/978-981-10-7386-1_10
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-7385-4
Online ISBN: 978-981-10-7386-1
eBook Packages: Engineering, Engineering (R0)