Abstract
Cloud computing is a computing platform which provides everything as a service to the user in the digital world. Security is one of the deepest concerns in the cloud environment. Cloud forensics is the process of investigating and analyzing cloud security threats. In this chapter, cloud forensics is discussed along with challenges and research directions. A generic process model for cloud forensics is discussed along with four phases, namely, identification, collection, acquisition, and preservation. Cloud infrastructure investigation, cloud forensics attribution, and investigation using VMI for the cloud environment are discussed.
Copyright information
© 2016 Springer-Verlag London
About this chapter
Cite this chapter
Joshi, R.C., Pilli, E.S. (2016). Cloud Forensics. In: Fundamentals of Network Forensics. Computer Communications and Networks. Springer, London. https://doi.org/10.1007/978-1-4471-7299-4_10
DOI: https://doi.org/10.1007/978-1-4471-7299-4_10
Published:
Publisher Name: Springer, London
Print ISBN: 978-1-4471-7297-0
Online ISBN: 978-1-4471-7299-4
eBook Packages: Computer Science, Computer Science (R0)