Cloud Computing Forensics; Challenges and Future Perspectives: A Review
Asian Journal of Research in Computer Science, Volume 16, Issue 1,
Cloud computing has become increasingly popular in recent years, evolving into a computing paradigm that is both cost-effective and efficient. It has the potential to be one of the technologies that has had the most significant impact on computing throughout its history. Regrettably, cloud service providers and their customers have not yet developed major forensic tools that can assist with the investigation of criminal conduct that occurs in the cloud. Because it is difficult to prevent cloud vulnerabilities and criminal targeting, it is necessary to be aware of how digital forensic investigations of the cloud may be carried out. This is because cloud vulnerabilities and criminal targeting are difficult to avoid. In this context, the current study examines current and future trends in cloud forensics, methodology for cloud forensics, and cloud forensic tools. In addition, the study also looks at cloud forensic approaches.
- Cloud computing
- cloud forensic
- forensic tools
- software as a service
How to Cite
Amazon, AWS Security Center, Seattle, Washington. Available:aws.amazon.com/security
Cloud Security Alliance, Security Guidance for Critical Areas of Focus in Cloud Computing V2.1, San Francisco, California; 2009. Available:www.cloudsecurityalliance.org/csaguide.pdf
EurActiv, Cloud computing: A legal maze for Europe, Brussels, Belgium; 2011.
European Network and Information Security Agency, Cloud Computing: Benefits, Risks and Recommendations for Information Security, Heraklion, Crete, Greece; 2009.
Federal Bureau of Investigation, Regional Computer Forensics Laboratory, Annual Report for Fiscal Year 2007, Washington, DC. Available:www.rcfl.gov/downloads/documents/RCFL_Nat_Annual07.pdf), 2007.
Gartner, Gartner says worldwide cloud services revenue will grow 21.3 percent in 2009, Stamford, Connecticut; March 26, 2009. Available:www.gartner.com/it /page.jsp?id=920712
Gens F. IT cloud services forecast – 2008 to 2012: A key driver of new growth; October 8, 2008.
Kent K, Chevalier S, Grance T, Dang H. Guide to Integrating forensic techniques into incident response, Special Publication 800-86, National Institute of Standards and Technology, Gaithersburg, Maryland; 2006.
Mell P, Grance T. The NIST Definition of Cloud Computing (Draft), Special Publication 800-145 (Draft), National Institute of Standards and Technology, Gaithersburg, Maryland; 2011.
Meyers M, Rogers M. Computer forensics: The need for standardization and certification. International Journal of Digital Evidence. 2004;3(2).
Perry R, Hatcher E, Mahowald R, Hendrick S. Force.com cloud platform drives huge time to market and cost savings, IDC White Paper, International Data Corporation, Framingham, Massachusetts.
Available:thecloud.appirio.com/rs/appirio/images/IDC _Force.com_ROI_Study.pdf), 2009.
Beebe N. Digital forensic research: The good, the bad and the unaddressed, in Advances in Digital Forensics V, G. Peterson and S. Shenoi, Editors. Springer: Heidelberg; 2009.
Broadhurst R, Developments in the global law enforcement of cyber crime. Policing: International Journal of Police Strategies and Management. 2006;29.
Liles S, Rogers M, Hoebich M. A survey of the legal issues facing digital forensic experts, in Advances in Digital Forensics V, G. Peterson and S. Shenoi, Editors. Springer: Heidelberg; 2009.
Oberheide J, Cooke E, Jahanian F. CloudAV: N-version antivirus in the network cloud, in Proceedings of the Seventeenth USENIX Security Conference; 2008.
Roussev V, et al. A cloud computing platform for large-scale forensic computing, in Advances in Digital Forensics V, G. Peterson and S. Shenoi, Editors. Springer: Heidelberg; 2009.
lmulhem A, Traore I. Experience with engineering a network forensics system. In: Proc. of the 2005 Int. Conf. on Information Networking, Jeju; 2005.
Biggs S. Cloud computing: The impact on digital forensic investigations. In: Proc. of the 4th Int. Conf. for Internet Technology and Secured Transactions, ICITST; 2009.
Birk D. Technical Challenges of Forensic Investigations in Cloud Computing Environments. In: Workshop on Cryptography and Security in Clouds. 2011;1–6.
Catteddu D, Hogben G. Cloud computing – Benefits, risks and recommendations for information security. ENISA Technical Report; 2009.
Doelitzscher F, Reich C, Knahl M, Clarke N. Incident detection for cloud environments. In: EMERGING 2011, The Third International Conference on Emerging Network Intelligence. 2011; 100–105.
Haggerty J, Llewellyn-Jones D, Taylor M. FORWEB: file fingerprinting for automated network forensics investigations. In: Proceedings of the First International Conference on Forensic Applications and Techniques in Telecommunications Information and Multimedia eForensics; 2008.
Noblett MG, Pollitt MM, Presley LA. Recovering and examining computer forensic evidence. Forensic Science Communications. 2000;2(4).
Ranum MJ. Network forensics and traffic monitoring. Computer Security Journal. 1997;35–39.
Ruan K, Carthy J, Kechadi T, Crosbie M. Cloud forensics. In: Advances in Digital Forensics VII. 2011;361:35–46.
Scarfone K, Mell P. Guide to intrusion detection and prevention systems. NIST Special Publication. 2007;800-94.
Sempolinski P, Thain D. A comparison and critique of eucalyptus, opennebula and nimbus. In: 2010 IEEE Second International Conference on Cloud Computing Technology and Science. IEEE; November 2010.
Shanmugasundaram K, Memon N, Savant A. ForNet: A distributed forensics network. In: Second International Workshop on Mathematical Methods. Models and Architectures for Computer Networks Security. 2003;417–426.
Somorovsky J, Heiderich M, Jensen M. All your clouds are belong to us: security analysis of cloud management interfaces. In: Proceedings of the ACM Cloud Computing Security Workshop, CCSW; 2011.
Wang HM, Yang CH. Design and implementation of a network forensics system for Linux. In: 2010 International Computer Symposium (ICS 2010). IEEE. December 2010; 390–395.
Garfinkel T, et al. Terra: a virtual machine-based platform for trusted computing. SIGOPS Oper. Syst. Rev. 2003;37.
Glavach, S. and D. Zimmerman, Cyber Forensics in the Cloud. IAnewsletter, 2011. 14.
Grobauer B, Schreck T. Towards incident handling in the cloud, in Proceedings of the 2010 ACM Workshop on Cloud Computing Security Workshop, CCSW 2010. ACM Press: New York; 2010.
Grobauer B, Walloschek T, Stocker E. Understanding cloud computing vulnerabilities. IEEE Security & Privacy Magazine. 2011;9.
Hoopes, J, et al, Virtualization for Security. 2009, Burlington: Syngress Publishing.
Mather T, Kumaraswamy S, Latif S. Cloud Security and privacy – an enterprise perspecive on risks and compliance. Sebastopol: O’Reilly Media; 2009.
Pilli ES, Joshi RC, Niyogi R. Data reduction by identification and correlation of TCP/IP attack attributes for network forensics, in Proceedings of the International Conference & Workshop on Emerging Trends in Technology, ICWET 2011. ACM Press: New York; 2011.
Santos N, Gummadi KP, Rodrigues R. Towards trusted cloud computing, in Proceedings of the 2009 Conference on Hot Topics in Cloud Computing, HotCloud 2009. USENIX Association: Berkeley; 2009.
Zafarullah AF, Anwar Z. Digital forensics for eucalyptus. In Proceedings of the, Frontiers of Information Technology, FIT 2011. IEEE Computer Society: Washington, DC; 2011.
Abbadi IM. Toward trustworthy clouds’ internet scale critical infrastructure. in Information Security Practice and Experience: 7th International Conference, ISPEC 2011, Guangzhou, China, May 30–June 1, 2011. Proceedings 7. Springer; 2011.
Abbadi IM, Lyle J. Challenges for provenance in cloud computing. in TaPP; 2011.
AbdElnapi N, Omara FA, Omran NF. A hybrid hashing security algorithm for data storage on cloud computing. International Journal of Computer Science and Information Security (IJCSIS). 2016;14(4).
Abernathey RP, et al, Cloud-native repositories for big scientific data. Computing in Science & Engineering. 2021;23(2).
Abiodun OI, et al A review on the security of the internet of things: challenges and solutions. Wireless Personal Communications. 2021;119:2603-2637.
Abiodun OI, et al. Big Data: an approach for detecting terrorist activities with people’s profiling. in proceedings of the International MultiConference of Engineers and Computer Scientists; 2018.
Barrett D, Kipper G. Virtualization and forensics: a digital forensic Investigator’s guide to virtual environments. Syngress; 2010.
Hemdan EE-D, Manjaiah DH. Exploring digital forensic investigation issues for cyber crimes in cloud computing environment. Proceeding of 1st International Conference on Computer Communication and Networks (i3CN); 2015.
Hemdan EE-D, Manjaiah DH. Spark-based log data analysis for reconstruction of cybercrime events in cloud environment. 2017 International Conference on Circuit, Power and Computing Technologies (ICCPCT). IEEE; 2017.
Hirwani, Manish, et al. Forensic acquisition and analysis of VMware virtual hard disks. Proceedings of the International Conference on Security and Management (SAM). The Steering Committee of The World Congress in Computer Science, Computer Engineering and Applied Computing (WorldComp); 2012.
Jeong D, et al. Investigation methodology of a virtual desktop infrastructure for IoT. Journal of Applied Mathematics; 2015.
Kebande VR, Venter HS. A cloud forensic readiness model using a Botnet as a service. The international conference on digital security and forensics (DigitalSec2014). Ostrava: The Society of Digital Information and Wireless Communication; 2014.
Liu, Shouqiang, et al. Research of animals image semantic segmentation based on deep learning. Concurrency and Computation: Practice and Experience. 2020;32.1:e4892.
Mell P, Grance T. Nist cloud computing forensic science challenges. Draft NISTIR 8006; 2014.
Port 4444 Details. Available:http://www.speedguide.net/port.php?port=4444/ [last accessed 23-6-2020].
Rani D, Geethakumari G. An efficient approach to forensic investigation in cloud using VM snapshots. IEEE International Conference on Pervasive Computing (ICPC); 2015.
Simou S, et al. A meta-model for assisting a cloud forensics process. Risks and security of internet and systems. Springer International Publishing. 2015;177–187.
Volatility Foundation. Available:http://www.volatilityfoundation.org / [last accessed 23-6-2020]
Waldo Delport MK, Olivier MS. Isolating a cloud instance for a digital forensic investigation. in Information and Computer Security Architecture (ICSA); 2011.
Zafarullah Z, Anwar F, Anwar Z. Digital forensics for eucalyptus. in Proceedings of Frontiers of Information Technology (FIT). IEEE. 2011;110–116.
Zawoad, Shams, Ragib Hasan, Anthony Skjellum. OCF: an open cloud forensics model for reliable digital forensics. Cloud Computing (CLOUD), 2015 IEEE 8th International Conference on. IEEE; 2015.
Using vmrun to control virtual machines; 2008.
Alqahtany S, et al. A forensic acquisition and analysis system for IaaS. Clust Comput. 2016;19.
Dykstra J, Sherman A. Understanding issues in cloud forensics: Two hypothetical case studies. Journal of Network Forensics; 2011. b.
Dykstra J, Sherman A. Acquiring forensic evidence from infrastructure-as-a-service cloud computing: exploring and evaluating tools, trust, and techniques. 2012, January: DoD Cyber Crime Conference.
Dykstra J, Sherman AT. Design and implementation of frost: digital forensic tools for the OpenStack cloud computing platform. Digit Investig. 2013;10.
Hemdan EED, Manjaiah DH. Forensic analysis approach based on metadata and hash values for digital objects in the cloud. International Journal of Innovative Research in Computer and Communication Engineering. 2015;3.
Hemdan EED, Manjaiah DH. CFIM: toward building new cloud forensics investigation model. Singapore: Innovations in Electronics and Communication Engineering. Springer; 2018.
Liu S, et al. The research of virtual face based on deep convolutional generative adversarial networks using TensorFlow. Physica A: Statistical Mechanics and its Applications. 2019;521.
Povar DG, Geethakumari. A heuristic model for performing digital forensics in cloud computing environment. Berlin Heidelberg: Security in Computing and Communications. Springer; 2014.
Ruan K, Cloud forensics. Berlin Heidelberg: Advances in digital forensics VII. Springer; 2011.
Ruan K, et al. Cloud forensics definitions and critical criteria for cloud forensic capability: an overview of survey results. Digit Investig. 2013;10.
Xu Q. A novel machine learning strategy based on two-dimensional numerical models in financial engineering. Math Probl Eng. 2013;2013.
Xu Q, et al. Multi-feature fusion CNNs for Drosophila embryo of interest detection. Physica A: Statistical Mechanics and its Applications. 2019;531.
Xu Q, Li M. A new cluster computing technique for social media data analysis. Clust Comput. 2019;22.
Xu Q, Wu J, Chen Q. A novel mobile personalized recommended method based on money flow model for stock exchange. Math Probl Eng. 2014;2014.
Dawson C. Projects in computing and information systems a student ’ s guide; 2005.
Saunders M, Lewis P, Thornhill A. Research methods for business students Fifth edition, in Research Methods for Business Students Fifth edition; 2009.
Lallmahomed N. Elementary statistics using JMP, J. R. Stat. Soc. Ser. A (Statistics Soc.); 2008.
Sample Size Calculator.”.
Hedberg EC, Hedberg EC. Statistical distributions. John Wiley & Sons; 2018.
Lehman P. 101 design methods: A structured approach for driving innovation in your organization [Book Review], no. Apr 2013. John Wiley & Sons; 2013.
Adams AA, McCrindle R. Pandora’s box: Social and professional issues of the information age. John Wiley & Sons. 2008;1.
Sang T. A log-based approach to make digital forensics easier on cloud computing; 2013.
Networks J. Securing multi-tenancy and cloud computing; 2012.
Passware Encryption Analyzer 2016 V.1; 2016.
Albaum G. The Likert scale revisited: An alternate version. Journal of the Market Research Society, 1997.
Approaches to the Analysis of Survey Data; 2001.
Dr. R. Venkitachalam, Presentation: Validity and reliability of questionnaires; 2015.
Ab Rahman NH, et al. Forensic-by-design framework for cyber-physical cloud systems. IEEE Cloud Computing. 2016;3.
Alex ME, Kishore R. Forensics framework for cloud computing. Computers and Electrical Engineering. 2017;60.
Damshenas M, Dehghantanha A, Mahmoud R, Bin Shamsuddin S. Forensics investigation challenges in cloud computing environments; 2012. DOI:https://doi.org/10.1109/CyberSec.2012.6246092.
Sharma K, Kaushik PK, Agarwal PS, Jain P, Agarwal P, Dixit S. Issues and challenges of data security in a cloud computing environment. In Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON). 2017;560–566.
Anwar U, Umair HA, Sikander A, Abedin ZU. Government cloud adoption and architecture; 2019.
Baldwin J, Alhawi OMK, Shaughnessy S, Akinbi A, Dehghantanha A. Emerging from the cloud: a bibliometric analysis of cloud forensics studies. Advances in Information Security; 2018.
Chen L, Le-Khac NA, Schlepphorst S, Xu L. Cloud forensics, security, privacy, and digital forensics in the cloud. 2019;201–216.
Biggs S, Vidalis S. Cloud computing: the impact on digital forensic investigations,Conference: Internet Technology and Secured Transactions, 2009. ICITST; 2009. DOI:https://doi.org/10.1109/ICITST.2009.5402561.
Zafarullah, Anwar F, Anwar Z. Digital forensics for eucalyptus. in Proceedings - 2011 9th International Conference on Frontiers of Information Technology, FIT. 2011;110–116. DOI:https://doi.org/10.1109/FIT.2011.28.
Reilly D, Wren C, Berry T. Cloud computing: Forensic challenges for law enforcement, Internet Technol. Secur. Trans. (ICITST). 2010 Int. Conf; 2010.
Plunkett J, Le-Khac NA, Kechadi T. Digital forensic investigations in the cloud: A Proposed approach for irish law enforcement. 11th Annual IFIP WG 11.9 International Conference on Digital Forensics (IFIP119 2015), Orlando, Florida, United States; 2015.
Han J, Kim J, Lee S. 5W1H-based expression for the effective sharing of information in digital forensic investigations; arXiv Prepr. arXiv2010.15711, 2020.
Le‐Khac L, Plunkett NA, Kechadi J, MT, Chen. Digital forensic process and model in the cloud. Security, Privacy, and Digital Forensics in the Cloud. 2019; 239.
Bharadiya JP, Tzenios NT, Reddy M. Forecasting of crop yield using remote sensing data, agrarian factors and machine learning approaches. Journal of Engineering Research and Reports. 2023;24(12):29-44.
Nallamothu PT, Bharadiya JP. Artificial intelligence in orthopedics: A concise review. Asian Journal of Orthopaedic Research. 2023;6(1):17- 27.
Abstract View: 36 times
PDF Download: 19 times