Cloud Forensics

  • Chapter

Part of the book series: Computer Communications and Networks (CCN)

Abstract

Cloud computing is a computing platform which provides everything as a service to the user in the digital world. Security is one of the deepest concerns in the cloud environment. Cloud forensics is the process of investigating and analyzing cloud security threats. In this chapter, cloud forensics is discussed along with challenges and research directions. A generic process model for cloud forensics is discussed along with four phases, namely, identification, collection, acquisition, and preservation. Cloud infrastructure investigation, cloud forensics attribution, and investigation using VMI for the cloud environment are discussed.

Copyright information

© 2016 Springer-Verlag London

About this chapter

Cite this chapter

Joshi, R.C., Pilli, E.S. (2016). Cloud Forensics. In: Fundamentals of Network Forensics. Computer Communications and Networks. Springer, London. https://doi.org/10.1007/978-1-4471-7299-4_10

  • DOI: https://doi.org/10.1007/978-1-4471-7299-4_10

  • Publisher Name: Springer, London

  • Print ISBN: 978-1-4471-7297-0

  • Online ISBN: 978-1-4471-7299-4

  • eBook Packages: Computer Science (R0)
