Abstract
Cloud computing has become a prominent and widespread technology nowadays. However, it agonized due to incremental serious security issues. To solve these issues forensic techniques needs to be applied in cloud. Log is a paramount element in forensic investigations to reveal 3W i.e. who, what, when of happened suspicious activity. That’s the reason, secure preservation and investigation of different logs is an essential job for cloud forensics. Due to very little control over the clouds, it’s very difficult to collect authentic logs from cloud environment while preserving integrity and confidentiality. Till today, forensic investigator has to trust Cloud Service Provider (CSP), who collect the logs from individual sources of cloud environment. However, untrusted stakeholders of cloud and malicious entities from outside the cloud can collude with each other to alter the logs after the fact and remain untraceable. Thus, validity of the provided logs for forensics can be questionable. In this paper, we proposed forensic aware blockchain assisted secure logging-as-a-service for cloud environment to securely store and process logs by tackling multi-stakeholder collusion problem and ensuring integrity & confidentiality. The integrity of logs is ensured using immutable property of blockchain technology. Cloud Forensic Investigator (CFI) can only be able to access the logs for forensic investigation by BlockSLaaS, which preserves confidentiality of logs.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Columbus, L.: Cloud computing market projected to reach 411B dollar by 2020 (2017). https://goo.gl/hmKeK1. Accessed 09 July 2018
Ashford, W.: Ransomware to hit cloud computing in 2018, predicts MIT (2018). https://goo.gl/9JoHhj. Accessed 26 Apr 2018
Congress of the United States. Sarbanes-Oxley Act (2002). http://goo.gl/YHwujG. Accessed 20 Mar 2015
www.hhs.gov. Health Information Privacy. http://goo.gl/NxgkMi. Accessed 20 Mar 2015
Kent, K., Chevalier, S., Grance, T., Dang, H.: Guide to integrating forensic techniques into incident response. NIST Special Publication 800-86 (2006)
Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system. Consulted 1, 2012 (2008)
Marty, R.: Cloud application logging for forensics. In: Proceedings of the 2011 ACM Symposium on Applied Computing (SAC11), Taichung, Taiwan, pp. 178–184. ACM, March 2011
Birk, D., Wegener, C.: Technical issues of forensic investigations in cloud computing environments. In: SADFE, pp. 1–10. IEEE (2011)
Balduzzi, M., Zaddach, J., Balzarotti, D., Kirda, E., Loureiro, S.: A security analysis of Amazon’s elastic compute cloud service. In: Symposium on Applied Computing, pp. 1427–1434. ACM (2012)
Subashini, S., Kavitha, V.: A survey on security issues in service delivery models of cloud computing. J. Netw. Comput. Appl. 34(1), 1–11 (2011)
Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Gener. Comput. Syst. 28(3), 583–592 (2012)
Infosecurity-magazine. Ddos-ers launch attacks from Amazon ec2, July 2014. http://goo.gl/vrXrHE. Accessed 1 Jan 2018
Melland, P., Grance, T.: Nist cloud computing forensic science challenges. NIST Cloud Computing Forensic Science Working Group, Information Technology Laboratory, Draft NISTIR 8006, June 2014
Zawoad, S., Hasan, R.: Digital forensics in the cloud. J. Defense Softw. Eng. 26(5), 17–20 (2013)
Dykstra, J., Sherman, A.: Acquiring forensic evidence from infrastructure-as-aservice cloud computing: exploring and evaluating tools, trust, and techniques. J. Digit. Invest. 9, S90–S98 (2012). https://doi.org/10.1016/j.diin.2012.05.001
Patrascu, A., Patriciu, V.-V.: Logging system for cloud computing forensic environments. J. Control Eng. Appl. Inform. 16(1), 80–88 (2014)
Khan, S., Gani, A., Wahab, A., et al.: Cloud log forensics: foundations, state of the art, and future directions. ACM Comput. Surv. 49(1) https://doi.org/10.1145/2906149 (2016). Article 7
Zawoad, S., Dutta, A.K., Hasan, R.: SecLaaS: secure logging-as-aservice for cloud forensics. In: ASIACCS, pp. 219–230. ACM (2013)
Zawoad, S., Dutta, A., Hasan, R.: Towards building forensics enabled cloud through secure logging-as-a-service. IEEE Trans. Dependable Secure Comput. 13(2), 148–162 (2016). https://doi.org/10.1109/TDSC.2015.2482484
Ruan, K., Carthy, J., Kechadi, T., Baggili, I.: Cloud forensics denitions and critical criteria for cloud forensic capability: an overview of survey results. Digital Invest. 10(1), 34–43 (2013)
Zawoad, S., Hasan, R.: Cloud forensics: a meta-study of challenges, approaches, and open problems arXiv: 1302.6312v1 [cs.DC] 26 February 2013
Kent, K., Souppaya, M.: Guide to computer security log management. Technical report. NIST Special Publication 800-92 (2006)
Dykstra, J., Sherman, A.: Understanding issues in cloud forensics: two hypothetical case studies. Cyber Defense Lab, Department of CSEE, University of Maryland, Baltimore County (UMBC) (2011)
Cohen, F.: Challenges to digital forensic evidence in the cloud. In: Ruan, K. (ed.) Cybercrime and Cloud Forensics: Applications for Investigation Processes, pp. 59–78. IGI Global, December 2012
Khajeh-Hosseini, A., Greenwood, D., Sommerville, I.: Cloud migration: a case study of migrating an enterprise it system to IaaS. In: Proceedings of the 3rd International Conference on Cloud Computing (CLOUD), pp. 450–457. IEEE (2010)
Ruan, K., Carthy, J., Kechadi, T., Crosbie, M.: Cloud forensics. In: Peterson, G., Shenoi, S. (eds.) DigitalForensics 2011. IAICT, vol. 361, pp. 35–46. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24212-0_3
Grispos, G., Glisson, W., Storer, T.: Calm before the Storm: the emerging challenges of cloud commuting in digital forensics. University of Glasgow (2012)
Zafarullah, Z., Anwar, F., Anwar, Z.: Digital forensics for eucalyptus. In: FIT, pp. 110–116. IEEE (2011)
Thorpe, S., Ray, I.: Detecting temporal inconsistency in virtual machine activity timelines. J. Inf. Assur. Secur. 7(1), 24–31 (2012)
Thorpe, S., Ray, I., Grandison, T., Barbir, A., France, R.: Hypervisor event logs as a source of consistent virtual machine evidence for forensic cloud investigations. In: Wang, L., Shafiq, B. (eds.) DBSec 2013. LNCS, vol. 7964, pp. 97–112. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-39256-6_7
Ray, I., Belyaev, K., Strizhov, M., Mulamba, D., Rajaram, M.: Secure logging as a service delegating log management to the cloud. IEEE Syst. J. 7(2), 323–334 (2013)
Hyperledger FabricDocs Documentation, Hyperledger. https://readthedocs.org/projects/hyperledger-fabric/downloads/pdf/latest/hyperledger-fabric.pdf
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Rane, S., Dixit, A. (2019). BlockSLaaS: Blockchain Assisted Secure Logging-as-a-Service for Cloud Forensics. In: Nandi, S., Jinwala, D., Singh, V., Laxmi, V., Gaur, M., Faruki, P. (eds) Security and Privacy. ISEA-ISAP 2019. Communications in Computer and Information Science, vol 939. Springer, Singapore. https://doi.org/10.1007/978-981-13-7561-3_6
Download citation
DOI: https://doi.org/10.1007/978-981-13-7561-3_6
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-7560-6
Online ISBN: 978-981-13-7561-3
eBook Packages: Computer ScienceComputer Science (R0)