
Development and Design Strategies of Evidence Collection Framework in Cloud Environment

  • Conference paper
Social Networking and Computational Intelligence

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 100)

Abstract

Nowadays, cloud computing is one of the most popular and widely used concepts in the information technology paradigm. It is committed to improving the IT business technically and economically. Digital forensics, on the other hand, is the process of collecting, identifying, preserving, examining, and analyzing data or information so that it can serve as evidence in a court of law. Applying digital forensic operations in a cloud environment is difficult and challenging because CSPs depend on each other, whether they provide IaaS, PaaS, or SaaS. Cloud forensics, an application of digital forensics in a cloud environment, is thus just a subset of network forensics. It is a cross-field of digital forensics and cloud computing. In this paper, we investigate all the research issues, problems, and implementation ethics of cloud forensics from the initial level. We found that many issues and challenges remain to be addressed in this domain. Some major research domains are architectures, data collection and analysis, anti-forensics, incident first responders, roles and responsibilities, legal, standards, and some learning issues. In our research work, we mainly focus on data collection and cloud forensic architectures and also implement a cloud forensic framework in the context of cloud service models. This research work is tested using different private cloud solutions such as Eucalyptus, OpenNebula, VMware, vCloud, and the Hadoop platform. We implement a pattern search facility using the proposed approach in open-source software called digital forensic framework. In the near future, we will also implement digital forensic triage using Amazon Elastic MapReduce.
In this research, we also design and develop forensic methods for the PaaS and SaaS delivery models of cloud computing, apply machine learning principles to design and develop new digital forensic methods, and improve the efficiency of investigation using machine learning algorithms for feature extraction and priority classification of evidence in virtual machines.

Author information

Corresponding author

Correspondence to Sunita Varma.

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Khan, Y., Varma, S. (2020). Development and Design Strategies of Evidence Collection Framework in Cloud Environment. In: Shukla, R., Agrawal, J., Sharma, S., Chaudhari, N., Shukla, K. (eds) Social Networking and Computational Intelligence. Lecture Notes in Networks and Systems, vol 100. Springer, Singapore. https://doi.org/10.1007/978-981-15-2071-6_3
