Abstract
The challenges of cloud forensics have been well-documented by both researchers and government agencies (e.g., U.S. National Institute of Standards and Technology), although many of the challenges remain unresolved. In this article, we perform a comprehensive survey of cloud forensic literature published between January 2007 and December 2018, categorized using a five-step forensic investigation process. We also present a taxonomy of existing cloud forensic solutions, with the aim of better informing both the research and practitioner communities, as well as an in-depth discussion of existing conventional digital forensic tools and cloud-specific forensic investigation tools. Based on the findings from the survey, we present a set of design guidelines to inform future cloud forensic investigation processes, and a summary of digital artifacts that can be obtained from different stakeholders in the cloud computing architecture/ecosystem.
- Nurul Hidayah Ab Rahman, Niken Dwi Wahyu Cahyani, and Kim-Kwang Raymond Choo. 2017. Cloud incident handling and forensic-by-design: Cloud storage as a case study. Concurr. Comput.: Pract. Exper. 29, 14 (2017), e3868.Google ScholarCross Ref
- Nurul Hidayah Ab Rahman, William Bradley Glisson, Yanjiang Yang, and Kim-Kwang Raymond Choo. 2016. Forensic-by-design framework for cyber-physical cloud systems. IEEE Cloud Comput. 3, 1 (2016), 50--59.Google ScholarCross Ref
- Imad M. Abbadi, John Lyle et al. 2011. Challenges for provenance in cloud computing. In Proceedings of the International Workshop on Theory and Practice of Provenance (TaPP’11).Google Scholar
- MA Manazir Ahsan, Ainuddin Wahid Abdul Wahab, Mohd Yamani Idna Idris, Suleman Khan, Eric Bachura, and Kim-Kwang Raymond Choo. 2018. CLASS: Cloud log assuring soundness and secrecy scheme for cloud forensics. IEEE Trans. Sustain. Comput. 60, C (2018), 193--205.Google Scholar
- M. Edington Alex and R. Kishore. 2017. Forensics framework for cloud computing. Comput. Electr. Eng. 60 (2017), 193--205.Google ScholarDigital Library
- Syed Ahmed Ali, Shahzad Memon, and Farhan Sahito. 2018. Challenges and solutions in cloud forensics. In Proceedings of the 2nd International Conference on Cloud and Big Data Computing (ICCBDC’18). ACM, New York, NY, 6--10.Google ScholarDigital Library
- Sameera Almulla, Youssef Iraqi, and Andrew Jones. 2014. A state-of-the-art review of cloud forensics. J. Dig. Forens. Secur. Law 9, 4 (2014), 2.Google Scholar
- Sameera Almulla, Youssef Iraqi, and Andrew Jones. 2016. Digital forensic of a cloud-based snapshot. In Proceedings of the 6th International Conference on Innovative Computing Technology (INTECH’16). 724--729.Google ScholarCross Ref
- Saad Alqahtany, Nathan Clarke, Steven Furnell, and Christoph Reich. 2015. Cloud forensics: A review of challenges, solutions and open problems. In Proceedings of the International Conference on Cloud Computing (ICCC’15). IEEE, 1--9.Google ScholarCross Ref
- Muhammad Rizwan Asghar, Mihaela Ion, Giovanni Russello, and Bruno Crispo. 2012. Securing data provenance in the cloud. In Open Problems in Network Security. Springer, 145--160.Google Scholar
- Siamak Azodolmolky, Philipp Wieder, and Ramin Yahyapour. 2013. SDN-based cloud computing networking. In Proceedings of the 15th International Conference on Transparent Optical Networks (ICTON’13). IEEE, 1--4.Google ScholarCross Ref
- Azodolmolky, Siamak and Wieder, Philipp and Yahyapour, Ramin. 2013. Cloud computing networking: Challenges and opportunities for innovations. IEEE Commun. Mag. 51, 7 (2013), 54--62.Google ScholarCross Ref
- Hyun Baek, Abhinav Srivastava, and Jacobus Van der Merwe. 2014. Cloudvmi: Virtual machine introspection as a cloud service. In Proceedings of the International Conference on Cloud Engineering (IC2E’14). IEEE, 153--158.Google ScholarDigital Library
- James Baldwin, Omar M. K. Alhawi, Simone Shaughnessy, Alex Akinbi, and Ali Dehghantanha. 2018. Emerging from the cloud: A bibliometric analysis of cloud forensics studies. Cyber Threat Intell. (2018), 311--331. DOI:10.1007/978-3-319-73951-9_16Google Scholar
- Adam Bates, Kevin Butler, Andreas Haeberlen, Micah Sherr, and Wenchao Zhou. 2014. Let SDN be your eyes: Secure forensics in data center networks. In Proceedings of the NDSS Workshop on Security of Emerging Network Technologies (SENT’14).Google ScholarCross Ref
- Abha Belorkar and G. Geethakumari. 2011. Regeneration of events using system snapshots for cloud forensic analysis. In Proceedings of the India Conference (INDICON’11). IEEE, 1--4.Google Scholar
- Adam J. Brown, William Bradley Glisson, Todd R. Andel, and Kim-Kwang Raymond Choo. 2018. Cloud forecasting: Legal visibility issues in saturated environments. Comput. Law Secur. Rev. 34, 6 (2018), 1278--1290.Google ScholarCross Ref
- Niken Dwi Wahyu Cahyani, Ben Martini, Kim-Kwang Raymond Choo, and AKBP Muhammad Nuh Al-Azhar. 2017. Forensic data acquisition from cloud-of-things devices: Windows smartphones as a case study. Concurr. Comput.: Pract. Exper. 29, 14 (2017), e3855.Google ScholarCross Ref
- Aniello Castiglione, Giuseppe Cattaneo, Giancarlo De Maio, Alfredo De Santis, and Gianluca Roscigno. 2017. A novel methodology to acquire live big data evidence from the cloud. IEEE Trans. Big Data 99 (2017), 1--14. DOI:10.1109/TBDATA.2017.2683521Google ScholarCross Ref
- Kim-Kwang Raymond Choo. 2007. Zombies and botnets.Trends Iss. Crime Crim. Just. 333 (2007), 1--6.Google Scholar
- Kim-Kwang Raymond Choo, Christian Esposito, and Aniello Castiglione. 2017. Evidence and forensics in the cloud: Challenges and future research directions. IEEE Cloud Comput. 4, 3 (2017), 14--19.Google ScholarCross Ref
- Hyunji Chung, Jungheum Park, Sangjin Lee, and Cheulhoon Kang. 2012. Digital forensic investigation of cloud storage services. Dig. Investig. 9, 2 (2012), 81--95.Google ScholarCross Ref
- Dr. Fred Cohen. 2011. Metrics for digital forensics. Retrieved on October 12, 2018 from http://securitymetrics.org/attachments/Metricon-5.5-Cohen-Metrics-in-Digital-Forensics.pdf.Google Scholar
- Gartner Risk Management Leadership Council. 2018. Top 10 Emerging Risks of Q2 2018. Retrieved on September 17, 2018 from https://www.gartner.com/en/audit-risk/trends/top-ten-emerging-risks.Google Scholar
- Farid Daryabar, Ali Dehghantanha, and Kim-Kwang Raymond Choo. 2017. Cloud storage forensics: MEGA as a case study. Austral. J. Forens. Sci. 49, 3 (2017), 344--357.Google ScholarCross Ref
- Farid Daryabar, Ali Dehghantanha, Nur Izura Udzir, Solahuddin bin Shamsuddin, Farhood Norouzizadeh et al. 2013. A survey about impacts of cloud computing on digital forensics. Int. J. Cyber-Secur. Dig. Forens. 2, 2 (2013), 77--95.Google Scholar
- Lucia De Marco, M. Tahar Kechadi, and Filomena Ferrucci. 2013. Cloud forensic readiness: Foundations. In Proceedings of the International Conference on Digital Forensics and Cyber Crime. Springer, 237--244.Google Scholar
- Waldo Delport, Michael Köhn, and Martin S. Olivier. 2011. Isolating a cloud instance for a digital forensic investigation. In Proceedings of the International Information Security South Africa Conference (ISSA’11).Google Scholar
- Waldo Delport and Martin Olivier. 2012. Isolating instances in cloud forensics. In Proceedings of the IFIP International Conference on Digital Forensics. Springer, 187--200.Google ScholarCross Ref
- Quang Do, Ben Martini, and Kim-Kwang Raymond Choo. 2015. A cloud-focused mobile forensics methodology. IEEE Cloud Comput. 2, 4 (2015), 60--65.Google ScholarCross Ref
- Josiah Dykstra and Alan T. Sherman. 2012. Acquiring forensic evidence from infrastructure-as-a-service cloud computing: Exploring and evaluating tools, trust, and techniques. Dig. Investig. 9 (2012), S90--S98.Google ScholarCross Ref
- Christian J. D’Orazio and Kim-Kwang Raymond Choo. 2017. A technique to circumvent SSL/TLS validations on iOS devices. Future Gen. Comput. Syst. 74 (2017), 366--374.Google ScholarCross Ref
- Corrado Federici. 2014. Cloud data imager: A unified answer to remote acquisition of cloud storage areas. Dig. Investig. 11, 1 (2014), 30--42.Google ScholarCross Ref
- Tal Garfinkel, Mendel Rosenblum et al. 2003. A virtual machine introspection-based architecture for intrusion detection. In Proceedings of the Network and Distributed System Security Symposium (NDSS’03), Vol. 3. 191--206.Google Scholar
- Tobias Gebhardt and Hans P. Reiser. 2013. Network forensics for cloud computing. In Proceedings of the IFIP International Conference on Distributed Applications and Interoperable Systems. Springer, 29--42.Google Scholar
- George Grispos, Tim Storer, and William Bradley Glisson. 2012. Calm before the storm: The challenges of cloud computing in digital forensics. Int. J. Dig. Crime Forens. 4, 2 (2012), 28--48.Google ScholarCross Ref
- Jason S. Hale. 2013. Amazon cloud drive forensic analysis. Dig. Investig. 10, 3 (2013), 259--265.Google ScholarDigital Library
- Josiah Dykstra and Alan T. Sherman. 2013. Design and implementation of FROST: Digital forensic tools for the OpenStack cloud computing platform. Dig. Investig. 10 (2013), S87--S95.Google ScholarDigital Library
- Ardalan Kangarlou, Patrick Eugster, and Dongyan Xu. 2009. Vnsnap: Taking snapshots of virtual networked environments with minimal downtime. In Proceedings of the Conference on Dependable Systems and Networks. IEEE, 524--533.Google ScholarCross Ref
- Victor Kebande and H. S. Venter. 2015. A functional architecture for cloud forensic readiness large-scale potential digital evidence analysis. In Proceedings of the European Conference on Cyber Warfare and Security. Academic Conferences Int’l Limited, 373.Google Scholar
- Victor R. Kebande and Hein S. Venter. 2014. A cloud forensic readiness model using a Botnet as a Service. In Proceedings of the International Conference on Digital Security and Forensics. The Society of Digital Information and Wireless Communication, 23--32.Google Scholar
- Victor R. Kebande and Hein S. Venter. 2018. On digital forensic readiness in the cloud using a distributed agent-based solution: Issues and challenges. Austral. J. Forens. Sci. 50, 2 (2018), 209--238.Google ScholarCross Ref
- Suleman Khan, Abdullah Gani, Ainuddin Wahid Abdul Wahab, Ahmed Abdelaziz, and Mustapha Aminu Bagiwa. 2016. FML: A novel forensics management layer for software defined networks. In Proceedings of the 6th International Conference on Cloud System and Big Data Engineering (Confluence’16) IEEE, 619--623.Google ScholarCross Ref
- Suleman Khan, Abdullah Gani, Ainuddin Wahid Abdul Wahab, Ahmed Abdelaziz, Kwangman Ko, Muhammad Khurram Khan, and Mohsen Guizani. 2016. Software-defined network forensics: Motivation, potential locations, requirements, and challenges. IEEE Netw. 30, 6 (2016), 6--13.Google ScholarDigital Library
- Suleman Khan, Abdullah Gani, Ainuddin Wahid Abdul Wahab, Mustapha Aminu Bagiwa, Muhammad Shiraz, Samee U. Khan, Rajkumar Buyya, and Albert Y. Zomaya. 2016. Cloud log forensics: Foundations, state of the art, and future directions. ACM Comput. Surveys 49, 1 (2016), 7.Google ScholarDigital Library
- Suleman Khan, Abdullah Gani, Ainuddin Wahid Abdul Wahab, Muhammad Shiraz, and Iftikhar Ahmad. 2016. Network forensics: Review, taxonomy, and open challenges. J. Netw. Comput. Appl. 66 (2016), 214--235.Google ScholarDigital Library
- Jin Li, Xiaofeng Chen, Qiong Huang, and Duncan S. Wong. 2014. Digital provenance: Enabling secure data forensics in cloud computing. Future Gen. Comput. Syst. 37 (2014), 259--266.Google ScholarCross Ref
- Xiao-Yong Li, Li-Tao Zhou, Yong Shi, and Yu Guo. 2010. A trusted computing environment model in cloud architecture. In Proceedings of the International Conference on Machine Learning and Cybernetics (ICMLC’10), Vol. 6. IEEE, 2843--2848.Google ScholarCross Ref
- Dongxi Liu, Jack Lee, Julian Jang, Surya Nepal, and John Zic. 2010. A cloud architecture of virtual trusted platform modules. In Proceedings of the IEEE/IFIP International Conference on Embedded and Ubiquitous Computing. IEEE, 804--811.Google ScholarDigital Library
- Zhenbang Liu and Hengming Zou. 2014. Poster: A proactive cloud-based cross-reference forensic framework. In Proceedings of the ACM SIGSAC Conference on Computer and Communications Security. ACM, 1475--1477.Google ScholarDigital Library
- Rongxing Lu, Xiaodong Lin, Xiaohui Liang, and Xuemin Sherman Shen. 2010. Secure provenance: The essential of bread and butter of data forensics in cloud computing. In Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security. ACM, 282--292.Google ScholarDigital Library
- Ben Martini and Kim-Kwang Raymond Choo. 2012. An integrated conceptual digital forensic framework for cloud computing. Dig. Investig. 9, 2 (2012), 71--80.Google ScholarCross Ref
- Ben Martini and Kim-Kwang Raymond Choo. 2014. Cloud forensic technical challenges and solutions: A snapshot. IEEE Cloud Comput. 1, 4 (2014), 20--25.Google ScholarCross Ref
- Raffael Marty. 2011. Cloud application logging for forensics. In Proceedings of the ACM Symposium on Applied Computing. ACM, 178--184.Google ScholarDigital Library
- McAfee. 2016. Cloud Adoption and Risk Report. Retrieved on July 12, 2018 from https://www.skyhighnetworks.com/cloud-report/.Google Scholar
- McAfee. 2018. Navigating a Cloudy Sky: Practical Guidance and the State of Cloud Security. Retrieved on November 04, 2018 from https://www.mcafee.com/enterprise/en-us/solutions/lp/cloud-security-report.html.Google Scholar
- P. Mell and T. Grance. 2014. NIST cloud computing forensic science challenges. Draft Nistir 8006 (2014).Google Scholar
- Shaik Khaja Mohiddin, Suresh Babu Yalavarthi, and Shaik Sharmila. 2017. A complete ontological survey of cloud forensic in the area of cloud computing. In Proceedings of the 6th International Conference on Soft Computing for Problem Solving. Springer, 38--47.Google ScholarCross Ref
- SeyedHossein Mohtasebi, Ali Dehghantanha, and K.-K. R. Choo. 2017. Cloud storage forensics: Analysis of data remnants on SpiderOak, JustCloud, and pCloud. In Contemporary Digital Forensic Investigations of Cloud and Mobile Applications. Elsevier, 205--246.Google Scholar
- Kiran-Kumar Muniswamy-Reddy, Peter Macko, and Margo I Seltzer. 2010. Provenance for the cloud. In Proceedings of the USENIX Conference on File and Storage Technologies (FAST’10), Vol. 10.Google Scholar
- Kiran-Kumar Muniswamy-Reddy and Margo Seltzer. 2010. Provenance as first class cloud data. ACM SIGOPS Operat. Syst. Rev. 43, 4 (2010), 11--16.Google ScholarDigital Library
- National Institute of Standards and Technology. 2018. Computer Forensics Tool Catalog. Retrieved from https://toolcatalog.nist.gov.Google Scholar
- Alecsandru Patrascu and Victor-Valeriu Patriciu. 2014. Logging system for cloud computing forensic environments. J. Control Eng. Appl. Info. 16, 1 (2014), 80--88.Google Scholar
- Jonas Pfoh, Christian Schneider, and Claudia Eckert. 2009. A formal model for virtual machine introspection. In Proceedings of the 1st ACM Workshop on Virtual Machine Security. ACM, 1--10.Google ScholarDigital Library
- Ameer Pichan, Mihai Lazarescu, and Sie Teng Soh. 2015. Cloud forensics: Technical challenges, solutions and comparative analysis. Dig. Investig. 13 (2015), 38--57.Google ScholarDigital Library
- James Poore, Juan Carlos Flores, and Travis Atkison. 2013. Evolution of digital forensics in virtualization by using virtual machine introspection. In Proceedings of the 51st ACM Southeast Conference. ACM, 30.Google ScholarDigital Library
- PricewaterhouseCoopers. 2016. Financial Services Technology 2020 and Beyond: Embracing disruption. Retrieved on November 01, 2018 from https://www.pwc.com/gx/en/financial-services/assets/pdf/technology2020-and-beyond.pdf.Google Scholar
- Zhengwei Qi, Chengcheng Xiang, Ruhui Ma, Jian Li, Haibing Guan, and David S. L. Wei. 2017. ForenVisor: A tool for acquiring and preserving reliable data in cloud live forensics. IEEE Trans. Cloud Comput. 5, 3 (2017), 443--456. DOI:10.1109/tcc.2016.2535295Google ScholarCross Ref
- Darren Quick and Kim-Kwang Raymond Choo. 2013. Dropbox analysis: Data remnants on user machines. Dig. Investig. 10, 1 (2013), 3--18.Google ScholarDigital Library
- Darren Quick and Kim-Kwang Raymond Choo. 2013. Forensic collection of cloud storage data: Does the act of collection result in changes to the data or its metadata? Dig. Investig. 10, 3 (2013), 266--277.Google ScholarDigital Library
- Darren Quick and Kim-Kwang Raymond Choo. 2014. Impacts of increasing volume of digital forensic data: A survey and future research challenges. Dig. Investig. 11, 4 (2014), 273--294.Google ScholarDigital Library
- Darren Quick and Kim-Kwang Raymond Choo. 2018. IoT device forensics and data reduction. IEEE Access 6 (2018), 47566--47574.Google ScholarCross Ref
- B. K. S. P. Raju, Nikhil Bharadwaj Gosala, and G. Geethakumari. 2017. CLOSER: Applying aggregation for effective event reconstruction of cloud service logs. In Proceedings of the 11th International Conference on Ubiquitous Information Management and Communication. ACM, 62.Google Scholar
- B. K. S. P. Kumar Raju and G. Geethakumari. 2018. Timeline-based cloud event reconstruction framework for virtual machine artifacts. In Progress in Intelligent Computing Techniques: Theory, Practice, and Applications. Springer, 31--42.Google Scholar
- B. K. S. P. Kumar Raju and G. Geethakumari. 2019. SNAPS: Towards building snapshot-based provenance system for virtual machines in the cloud environment. Comput. Secur. 86 (2019), 92--111. DOI:https://doi.org/10.1016/j.cose.2019.05.020Google ScholarCross Ref
- Sagar Rane and Arati Dixit. 2019. BlockSLaaS: Blockchain assisted secure logging-as-a-service for cloud forensics. In Proceedings of the International Conference on Security and Privacy. Springer, 77--88.Google ScholarCross Ref
- Deevi Radha Rani and G. Geethakumari. 2015. An efficient approach to forensic investigation in cloud using VM snapshots. In Proceedings of the International Conference on Pervasive Computing (ICPC’15). IEEE, 1--5.Google Scholar
- Andrew Reichman. 2011. File Storage Costs Less In The Cloud Than In-House. Retrieved on August 11, 2018 from https://media.amazonwebservices.com/Forrester_File_Storage_Costs_Less_In_The_Cloud.pdf.Google Scholar
- Vassil Roussev, Irfan Ahmed, Andres Barreto, Shane McCulley, and Vivek Shanmughan. 2016. Cloud forensics--Tool development studies 8 future outlook. Dig. Investig. 18 (2016), 79--95.Google ScholarDigital Library
- Vassil Roussev, Andres Barreto, and Irfan Ahmed. 2016. Forensic acquisition of cloud drives. arXiv preprint arXiv:1603.06542 (2016).Google Scholar
- Vassil Roussev and Shane McCulley. 2016. Forensic analysis of cloud-native artifacts. Dig. Investig. 16 (2016), S104--S113.Google ScholarDigital Library
- Keyun Ruan, Joe Carthy, Tahar Kechadi, and Ibrahim Baggili. 2013. Cloud forensics definitions and critical criteria for cloud forensic capability: An overview of survey results. Dig. Investig. 10, 1 (2013), 34--43.Google ScholarDigital Library
- Keyun Ruan, Joe Carthy, Tahar Kechadi, and Mark Crosbie. 2011. Cloud forensics. In Proceedings of the IFIP International Conference on Digital Forensics. 35--46.Google ScholarCross Ref
- Yang Rui, Jiang-chun Ren, Bai Shuai, and Tang Tian. 2017. A digital forensic framework for cloud based on VMI. DEStech Trans. Comput. Sci. Eng. 868--878. DOI:10.12783/dtcse/cst2017/12595Google Scholar
- Nuno Santos, Krishna P. Gummadi, and Rodrigo Rodrigues. 2009. Towards trusted cloud computing. In Proceedings of the 2009 Conference on Hot Topics in Cloud Computing (HotCloud’09). USENIX Association. http://dl.acm.org/citation.cfm?id=1855533.1855536.Google ScholarDigital Library
- Shaik Sharmila and Ch Aparna. 2019. VMSSS: A proposed model for cloud forensic in cloud computing using VM snapshot server. In Soft Computing for Problem Solving. Springer, 483--493.Google Scholar
- George Sibiya, Hein S. Venter, and Thomas Fogwill. 2015. Digital forensics in the cloud: The state of the art. In Proceedings of the IST-Africa Conference. IEEE, 1--9.Google ScholarCross Ref
- Stavros Simou, Christos Kalloniatis, Stefanos Gritzalis, and Haralambos Mouratidis. 2016. A survey on cloud forensics challenges and solutions. Secur. Commun. Netw. 9, 18 (2016), 6285--6314.Google ScholarCross Ref
- Stavros Simou, Christos Kalloniatis, Evangelia Kavakli, and Stefanos Gritzalis. 2014. Cloud forensics solutions: A review. In Proceedings of the International Conference on Advanced Information Systems Engineering. Springer, 299--309.Google ScholarCross Ref
- Jungmin Son and Rajkumar Buyya. 2018. A taxonomy of software-defined networking (SDN)-enabled cloud computing. ACM Comput. Surveys 51, 3 (2018), 59.Google ScholarDigital Library
- Daniel Spiekermann, Tobias Eggendorfer, and Jörg Keller. 2015. Using network data to improve digital investigation in cloud computing environments. In Proceedings of the International Conference on High Performance Computing and Simulation. IEEE, 98--105.Google ScholarCross Ref
- Abhinav Srivastava, Himanshu Raj, Jonathon Giffin, and Paul England. 2012. Trusted VM snapshots in untrusted cloud infrastructures. In Proceedings of the International Workshop on Recent Advances in Intrusion Detection. Springer, 1--21.Google ScholarDigital Library
- Yee-Yang Teing, Dehghantanha Ali, Kim Choo, Mohd T. Abdullah, and Zaiton Muda. 2019. Greening cloud-enabled big data storage forensics: Syncany as a case study. IEEE Trans. Sustain. Comput. 4 (2019), 204--216. Issue 2.Google ScholarCross Ref
- Yee-yang Teing, Ali Dehghantanha, Kim-Kwang Raymond Choo, Tooska Dargahi, and Mauro Conti. 2017. Forensic investigation of cooperative storage cloud service: Symform as a case study. J. Forensic Sci. 62, 3 (2017), 641--654.Google ScholarCross Ref
- Yee-Yang Teing, Ali Dehghantanha, Kim-Kwang Raymond Choo, and Laurence T. Yang. 2017. Forensic investigation of P2P cloud storage services and backbone for IoT networks: BitTorrent Sync as a case study. Comput. Electr. Eng. 58 (2017), 350--363.Google ScholarDigital Library
- Sean Thorpe, Indrajit Ray, Tyrone Grandison, and Abbie Barbir. 2011. The virtual machine log auditor. In Proceedings of the IEEE 1st International Workshop on Security and Forensics in Communication Systems. 1--7.Google Scholar
- Philip M. Trenwith and Hein S. Venter. 2013. Digital forensic readiness in the cloud. In Proceedings of the Conference on Information Security for South Africa. IEEE, 1--5.Google Scholar
- Jia Wang, Fang Peng, Hui Tian, Wenqi Chen, and Jing Lu. 2019. Public auditing of log integrity for cloud storage systems via blockchain. In Proceedings of the International Conference on Security and Privacy in New Computing Environments. Springer, 378--387.Google ScholarCross Ref
- Junqing Wang, Miao Yu, Bingyu Li, Zhengwei Qi, and Haibing Guan. 2012. Hypervisor-based protection of sensitive files in a compromised system. In Proceedings of the 27th Annual ACM Symposium on Applied Computing. ACM, 1765--1770.Google ScholarDigital Library
- Shaun Waterman. 2018. New malware works only in memory, leaves no trace—Cyberscoop. Retrieved from https://www.cyberscoop.com/kaspersky-fileless-malware-memory-attribution-detection/.Google Scholar
- Wenfeng Xia, Yonggang Wen, Chuan Heng Foh, Dusit Niyato, and Haiyong Xie. 2015. A survey on software-defined networking. IEEE Commun. Surveys Tutor. 17, 1 (2015), 27--51.Google ScholarDigital Library
- Qiao Yan, F. Richard Yu, Qingxiang Gong, and Jianqiang Li. 2016. Software-defined networking (SDN) and distributed denial of service (DDoS) attacks in cloud computing environments: A survey, some research issues, and challenges. IEEE Commun. Surveys Tutor. 18, 1 (2016), 602--622.Google ScholarDigital Library
- Shams Zawoad, Amit Dutta, and Ragib Hasan. 2016. Towards building forensics enabled cloud through secure logging-as-a-service. IEEE Trans. Depend. Secure Comput. 1 (2016), 1--1.Google Scholar
- Shams Zawoad and Ragib Hasan. 2013. Cloud forensics: A meta-study of challenges, approaches, and open problems. arXiv preprint arXiv:1302.6312 (2013).Google Scholar
- Olive Qing Zhang, Markus Kirchberg, Ryan K. L. Ko, and Bu Sung Lee. 2011. How to track your data: The case for cloud computing provenance. In Proceedings of the 3rd IEEE International Conference on Cloud Computing Technology and Science. IEEE, 446--453.Google ScholarDigital Library
- Shu-hui Zhang, Xiang-xu Meng, and Lian-hai Wang. 2017. SDNForensics: A comprehensive forensics framework for software defined network. Development 3, 4 (2017), 5.Google Scholar
Index Terms
- A Systematic Survey on Cloud Forensics Challenges, Solutions, and Future Directions
Recommendations
Challenges and Solutions in Cloud Forensics
ICCBDC '18: Proceedings of the 2018 2nd International Conference on Cloud and Big Data ComputingCloud computing is cutting-edge platform in this information age, where organizations are shifting their business due to its elasticity, ubiquity, cost-effectiveness. Unfortunately the cyber criminals has used these characteristics for the criminal ...
Cloud forensics challenges from a service model standpoint: IaaS, PaaS and SaaS
MEDES '15: Proceedings of the 7th International Conference on Management of computational and collective intElligence in Digital EcoSystemsCloud computing is a promising and expanding technology which could replace traditional IT systems. Cloud computing resembles a giant pool of resources which contains hardware, software and related applications, which can be accessed through web-based ...
Forensics framework for cloud computing
Challenges faced by forensics investigators in cloud computing is highlighted.A new Framework is proposed to mitigate challenges faced by forensics investigators.Forensics server is introduced to collect all details regarding malicious activity.The ...
Comments