Title :
Using network data to improve digital investigation in cloud computing environments
Author :
Spiekermann, Daniel ; Eggendorfer, Tobias ; Keller, Jorg
Author_Institution :
FernUniv. Hagen, Hagen, Germany
Abstract :
With the rise of cloud computing environments and the increasingly ubiquitous utilization of its opportunities, the amount of data analysed in a traditional digital forensic examination is increasing significantly, thus increasing the risk to miss evidence. Without adopting new methodology or different approaches investigators are unable to guarantee a valid digital forensic investigation. Due to the large amount of cloud platforms it is hardly feasible to identify them when investigating a computer. Knowing all different services of cloud computing platforms is impossible for a human. The paper therefore proposes to investigate raw network data in order to improve the complete digital investigation process by correlating network and computer forensic parts. We present a new method to analyse network traffic to find information about the usage of cloud specific data. With the possibility to automate this extraction and the comparison with a cloud service knowledge base, the error rate of a forensic investigation is reduced. It also reduces the risk of human errors.
Keywords :
cloud computing; digital forensics; knowledge based systems; telecommunication traffic; cloud computing environments; cloud computing platforms; cloud service knowledge base; cloud specific data; computer forensic parts; digital forensic examination; digital investigation; digital investigation process; forensic investigation; human errors; network data; network traffic; raw network data; ubiquitous utilization; Cloud computing; Digital forensics; IP networks; Protocols; Servers;
Conference_Titel :
High Performance Computing & Simulation (HPCS), 2015 International Conference on
Conference_Location :
Amsterdam
Print_ISBN :
978-1-4673-7812-3
DOI :
10.1109/HPCSim.2015.7237027
