Regeneration of events using system snapshots for cloud forensic analysis

While cloud computing continues to advance as a technology, its security is still perceived as a major concern in the corporate world. Several approaches are being considered in order to resolve the security issues so that the maximum potential of cloud computing can be exploited. Cloud forensics is one such approach that attempts to provide the requisite tools for investigation and analysis of cloud security threats. In this context, we present a novel approach to analysis of cloud attacks through event regeneration. VNsnaps are used to take periodic snapshots of the virtual network environment (VNE) during cloud attacks which are detected by using fuzzy clustering techniques. These snapshots are later restored to regenerate the events of attack.
