Forensic Analysis of Distributed Service Oriented Computing Platforms

Cloud computing is quickly becoming pervasive. Millions of concurrent users are taking advantage of the flexibility offered by cloud computing platforms. The use of the large-scale global storage provided by cloud computing presents a barrier to existing digital forensic techniques, which were developed to target single hosts containing a small number of storage devices. By analysing computers to determine if they have been used in the commission of a crime or breach of policy. Various techniques are employed to analyse all aspects of a computer and/or network to determine if malicious activity has occurred. One such technique is signature detection, where signatures from known illicit files are searched for to determine their presence on a computer or storage device. We have identified that the volume and distribution of data in cloud platforms presents a barrier to the application of existing signature detection techniques. The focus of this paper is the development and implementation of a distributed signature detection framework that will enable forensic analysis of cloud storage platforms.
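The following sketch illustrates the idea of distributing signature detection across storage nodes; it is an added example, not the framework developed in the paper. It assumes a signature is the SHA-256 digest of a whole object, models each storage node as an in-memory dictionary, and uses a thread pool as a stand-in for per-node workers; all names and sample data are constructed.

```python
import hashlib
from concurrent.futures import ThreadPoolExecutor

def signature(data: bytes) -> str:
    """Assumed signature scheme: SHA-256 over the whole object."""
    return hashlib.sha256(data).hexdigest()

def scan_node(node_id, objects, known):
    """Runs where the data lives: hash each object, return only the hits."""
    hits = []
    for name, data in objects.items():
        sig = signature(data)
        if sig in known:
            hits.append((node_id, name, known[sig]))
    return hits

def distributed_scan(nodes, known, workers=4):
    """Fan the scan out to every node and merge the small hit lists.

    Only the signature set travels to the nodes and only matches travel
    back, so stored data never has to be copied to a single analysis host.
    """
    with ThreadPoolExecutor(max_workers=workers) as pool:
        futures = [pool.submit(scan_node, nid, objs, known)
                   for nid, objs in nodes.items()]
        hits = [hit for fut in futures for hit in fut.result()]
    return sorted(hits)

# Constructed sample data: one flagged file and three hypothetical nodes.
FLAGGED = b"constructed sample: contents of a flagged file"
KNOWN = {signature(FLAGGED): "case-001/flagged-file"}
NODES = {
    "node-a": {"u1/report.doc": b"quarterly report", "u1/copy.bin": FLAGGED},
    "node-b": {"u2/notes.txt": b"meeting notes"},
    # A renamed copy still matches; a copy with one extra byte does not.
    "node-c": {"u3/renamed.jpg": FLAGGED, "u3/edited.bin": FLAGGED + b"\x00"},
}

if __name__ == "__main__":
    for node, name, label in distributed_scan(NODES, KNOWN):
        print(node, name, label)
```

The `u3/edited.bin` object shows the limit of whole-file digests as signatures: a single appended byte produces a different hash, so that copy is not reported.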
