Cloud Forensics: State-of-the-Art and Research Challenges

Cloud computing is a new operation model providing utility services over a shared virtualized resources. It is visualized that in future, Cloud can offer everything as a service (EAAS). Cloud Service Provider (CSP) makes infrastructure, platform and software services available over the Internet with greater flexibility at a lower cost. Cloud computing paradigm enables users to access computing resources placed at a remote location. The users also need not necessarily own these physical infrastructures. As more and more service providers and users are getting added to the cloud environment, it has become an significant field attracting more attackers to perform malicious activities for financial gains. Several approaches of security are being considered in order to resolve these threats and provide protection for the resources so that the potential of cloud computing can be exploited to the maximum. Cloud forensics is an approach that attempts to investigate and analyze cloud security threats. It will ensure that attackers will be more cautious to avoid prosecution for their illegal actions. It acts as a deterrent, reducing network crime rate and improving security. The paper aims to provide a better awareness of cloud forensics, understand some of the proposed frameworks and identify the research gaps and challenges. The significance of this work is that it presents the state-of-the-art in cloud forensics, which will be very much useful for security practitioners and researchers.

[1]  Rajkumar Buyya,et al.  Modeling and simulation of scalable Cloud computing environments and the CloudSim toolkit: Challenges and opportunities , 2009, 2009 International Conference on High Performance Computing & Simulation.

[2]  Sangjin Lee,et al.  Digital forensic investigation of cloud storage services , 2012, Digit. Investig..

[3]  Timothy Grance,et al.  Cloud Computing Synopsis and Recommendations , 2012 .

[4]  Susan V. Vrbsky Security Attacks and Solutions in Clouds Kazi Zunnurhain , 2010 .

[5]  Stephen Biggs,et al.  Cloud Computing: The impact on digital forensic investigations , 2009, 2009 International Conference for Internet Technology and Secured Transactions, (ICITST).

[6]  A. Zahariev Google App Engine , 2009 .

[7]  Hein S. Venter,et al.  Digital Forensic Framework for a Cloud Environment , 2012 .

[8]  Abha Belorkar,et al.  Regeneration of events using system snapshots for cloud forensic analysis , 2011, 2011 Annual IEEE India Conference.

[9]  ChengYan Cybercrime forensic system in cloud computing , 2011 .

[10]  Mark Taylor,et al.  Digital evidence in cloud computing systems , 2010, Comput. Law Secur. Rev..

[11]  Gang Zhou,et al.  Forensic Analysis Using Migration in Cloud Computing Environment , 2011 .

[12]  Raffael Marty,et al.  Cloud application logging for forensics , 2011, SAC.

[13]  Zhen Ling,et al.  Cyber Crime Scene Investigations (C²SI) through Cloud Computing , 2010, 2010 IEEE 30th International Conference on Distributed Computing Systems Workshops.

[14]  William R. Claycomb,et al.  Insider Threats to Cloud Computing: Directions for New Research Challenges , 2012, 2012 IEEE 36th Annual Computer Software and Applications Conference.

[15]  Kim-Kwang Raymond Choo,et al.  An integrated conceptual digital forensic framework for cloud computing , 2012, Digit. Investig..

[16]  Stephen D. Wolthusen,et al.  Overcast: Forensic Discovery in Cloud Environments , 2009, 2009 Fifth International Conference on IT Security Incident Management and IT Forensics.

[17]  Rajdeep Niyogi,et al.  Network forensic frameworks: Survey and research challenges , 2010, Digit. Investig..

[18]  Chris Wren,et al.  Cloud computing: Forensic challenges for law enforcement , 2010, 2010 International Conference for Internet Technology and Secured Transactions.

[19]  Timothy Grance,et al.  Guidelines on Security and Privacy in Public Cloud Computing | NIST , 2012 .

[20]  Martin S. Olivier,et al.  Isolating a cloud instance for a digital forensic investigation , 2011, ISSA.

[21]  Alan T. Sherman,et al.  Acquiring forensic evidence from infrastructure-as-a-service cloud computing: Exploring and evaluating tools, trust, and techniques , 2012, Digit. Investig..

[22]  冯海超 Windows Azure:微软押上未来 , 2012 .

[23]  Cheng Yan Cybercrime forensic system in cloud computing , 2011, 2011 International Conference on Image Analysis and Signal Processing.

[24]  Timothy Grance,et al.  Guide to Integrating Forensic Techniques into Incident Response , 2006 .

[25]  Eugene Ciurana,et al.  Google App Engine , 2009 .

[26]  Christoph Wegener,et al.  Technical Issues of Forensic Investigations in Cloud Computing Environments , 2011, 2011 Sixth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering.

[27]  Stephen Mason,et al.  Digital evidence and 'cloud' computing , 2011, Comput. Law Secur. Rev..

[28]  Nicole Beebe,et al.  A hierarchical, objectives-based framework for the digital investigations process , 2005, Digit. Investig..

[29]  Alan T. Sherman,et al.  UNDERSTANDING ISSUES IN CLOUD FORENSICS: TWO HYPOTHETICAL CASE STUDIES , 2011 .

[30]  Mark John Taylor,et al.  Forensic investigation of cloud computing systems , 2011, Netw. Secur..

[31]  Ali Dehghantanha,et al.  Forensics investigation challenges in cloud computing environments , 2012, Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec).

[32]  Shaftab Ahmed,et al.  Tackling cloud security issues and forensics model , 2010, 7th International Symposium on High-capacity Optical Networks and Enabling Technologies.

[33]  Mohand Tahar Kechadi,et al.  Cloud Forensics , 2011, IFIP Int. Conf. Digital Forensics.

[34]  Yongzhao Zhan,et al.  Investigation of IT Security and Compliance Challenges in Security-as-a-Service for Cloud Computing , 2012, 2012 IEEE 15th International Symposium on Object/Component/Service-Oriented Real-Time Distributed Computing Workshops.

[35]  Tim Storer,et al.  Calm Before the Storm: The Challenges of Cloud Computing in Digital Forensics , 2014, Int. J. Digit. Crime Forensics.

[36]  Rodney McKemmish,et al.  What is forensic computing , 1999 .