CloRoFor: Cloud Robust Forensics
نویسندگان
چکیده
The malicious alteration of machine time is a big challenge in computer forensics. Detecting such changes and reconstructing the actual timeline of events is of paramount importance. However, this can be difficult since the attacker has many opportunities and means to hide such changes. In particular, cloud computing, host and guest machine time can be manipulated in various ways by an attacker. Guest virtual machines are especially vulnerable to attacks coming from their (more privileged) host. As such, it is important to guarantee the timeline integrity of both hosts and guests in a cloud, or at least to ensure that the alteration of such timeline does not go undetected. In this paper we survey the issues related to host and guest machine time integrity in the cloud. Further, we describe a novel architecture for host and guest time alteration detection and correction/resilience with respect to compromised hosts and guests. The proposed framework 1 has been implemented on an especially built simulator. Collected results are evaluated and discussed. Performance figures show the feasibility of our proposal.
منابع مشابه
Procedures for a Harmonised Digital Forensic Process in Live Forensics
Cloud computing is a novel computing paradigm that presents new research opportunities in the field of digital forensics. Cloud computing is based on the following principles: on-demand self-service, broad network access, resource pooling, rapid elasticity and measured service. These principles require that cloud computing be distributed internationally. Even if the cloud is hosted locally, it ...
متن کاملA State-of-the-Art Review of Cloud Forensics
Cloud computing and digital forensics are emerging fields of technology. Unlike traditional digital forensics where the target environment can be almost completely isolated, acquired and can be under the investigators control; in cloud environments, the distribution of computation and storage poses unique and complex challenges to the investigators. Recently, the term “cloud forensics” has an i...
متن کاملStaas Clouds Using the Open Cloud Forensics Model
The rapid adoption of cloud computing to meet storage and computation needs has changed the way computing services and resources are used. However, because of the black-box nature and multi-tenant usage models of clouds, existing digital forensics science cannot cope with current state-of-the-art cloud architectures. Because of the fundamental characteristics of such clouds, many assumptions of...
متن کاملDiscussion on the Challenges and Opportunities of Cloud Forensics
Cloud Forensics refers to digital forensics investigations performed in Cloud Computing Environments. Nowadays digital investigators face various technical, legal, and organizational challenges to keep up with current developments in the field of Cloud Computing. But, due to its dynamic nature, Cloud Computing also offers several opportunities to improve digital investigations in Cloud Environm...
متن کاملKey Terms for Service Level Agreements to Support Cloud Forensics
As cloud adoption grows, the importance of preparing for forensic investigations in cloud environments also grows. A recent survey of digital forensic professionals identified that missing terms and conditions regarding forensic activities in service level agreements between cloud providers and cloud consumers is a significant challenge for cloud forensics. This paper addresses the challenge by...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1506.01739 شماره
صفحات -
تاریخ انتشار 2015