Beyond digital forensics. A cloud computing perspective over incident response and reporting

Author

Patrascu, Andrei ; Patriciu, Victor-Valeriu

Author_Institution

Comput. Sci. Dept., Mil. Tech. Acad., Bucharest, Romania

fYear

2013

fDate

23-25 May 2013

Firstpage

455

Lastpage

460

Abstract

Cloud computing represents a different paradigm in distributed computing that involves more and more researchers. In this context, we can see that there is a need for knowing where and when a certain data is processed or stored. Compared with classic digital forensic, the field of cloud forensic poses a lot of difficulties since data is not stored on a single storage unit and furthermore it involves the use of virtualization technologies. In this paper we will present in detail a new and novel way of monitoring user activity in cloud environments using a secure cloud forensic framework. We talk about the architecture of such framework and we emphasize the way in which our research can be applied on top of new or existing cloud infrastructures. Also, for testing purposes, we have applied our findings over our previous developed cloud computing framework.

Keywords

cloud computing; digital forensics; software architecture; virtualisation; cloud computing; cloud forensic framework security; data processing; digital forensics; distributed computing; framework architecture; incident reporting; incident response; user activity monitoring; virtualization technologies; Cloud computing; Computers; Digital forensics; Kernel; Virtual machining; Virtualization; KVM; Linux kernel virtualization; XEN; cloud computing; cloud computing forensics; cloud computing incident response; secure data forensics;

fLanguage

English

Publisher

ieee

Conference_Titel

Applied Computational Intelligence and Informatics (SACI), 2013 IEEE 8th International Symposium on

Conference_Location

Timisoara

Print_ISBN

978-1-4673-6397-6

Type

conf

DOI

10.1109/SACI.2013.6609018

Filename

6609018