Cloud Computing Log Evidence Forensic Examination Analysis
Authors
Abstract
Forensic analysis in the context of physical evidence is a relatively mature field. The computerization of society has led to the emergence of digital forensics, and now the popularity of cloud computing has sparked interest in cloud forensics. Our goal in this paper is to enable cloud forensics by using the theory of abstraction layers to describe the purpose and goals of virtual machine (VM) forensic digital examination analysis tools. Using VM abstraction as a meta abstraction layer, we identify how VM log forensic audit tools by generalization can introduce errors and provide requirements that such tools must follow to avoid these errors. Categories of VM log forensic analysis types are also defined based on the VM abstraction layers.
Similar resources
Analysis of Cloud Digital Evidence
Cloud forensics analyzes digital evidence obtained from cloud computing environments. In the cloud, the traditional forensic focus of acquiring and analyzing snapshots of digital artifacts will become significantly less relevant as many of the artifacts are ephemeral, while the history of state changes becomes pervasive. Thus, over the medium-to-long term, the task of forensically reconstructin...
An Experimental Survey towards Engaging Trustable Hypervisor Log Evidence within a Cloud Forensic Environment
In this survey paper the author explores the technical as well as high level conceptual trust issues that arise in acquiring log forensic evidence from the virtual machine (VM) hosted operating systems within the data clouds. This specific survey work is done at the University of Technology [UTECH], Jamaica, which currently functions as its own independent private data cloud provider. The data ...
Identifying Evidence for Implementing a Cloud Forensic Analysis Framework
Cloud computing provides several benefits to organizations such as increased flexibility, scalability and reduced cost. However, it provides several challenges for digital forensics and criminal investigation. Some of these challenges are the dependence of forensically valuable data on the deployment model, multiple virtual machines running on a single physical machine and multiple tenancies of...
Design and implementation of FROST: Digital forensic tools for the OpenStack cloud computing platform
We describe the design, implementation, and evaluation of FROST: three new forensic tools for the OpenStack cloud platform. Our implementation for the OpenStack cloud platform supports an Infrastructure-as-a-Service (IaaS) cloud and provides trustworthy forensic acquisition of virtual disks, API logs, and guest firewall logs. Unlike traditional acquisition tools, FROST works at the cloud managem...
Analyzing registry, log files, and prefetch files in finding digital evidence in graphic design applications
The products of graphic design applications leave behind traces of digital information which can be used during a digital forensic investigation in cases where counterfeit documents have been created. This paper analyzes the digital forensics involved in the creation of counterfeit documents. This is achieved by first recognizing the digital forensic artifacts left behind from the use of graphi...
Journal title:
Volume, issue:
Pages: -
Publication date: 2012