Abstract.One of the most important areas in the developing field of cloud computing is the way that investigators conduct researches in order to reveal the ways that a digital crime took place over the cloud. This area is known as cloud forensics. While great research on digital forensics has been carried out, the current digital forensic models and frameworks used to conduct a digital investigation don't meet the requirements and standards demanded in cloud forensics due to the nature and characteristics of cloud computing. In parallel, issues and challenges faced in traditional forensics are different to the ones of cloud forensics. This paper addresses the issues of the cloud forensics challenges identified from review conducted in the respective area and moves to a new model assigning the aforementioned challenges to stages.
In recent years, cloud computing has gained popularity, and it is now used to support various areas of human life. Cloud forensics has been introduced to help forensic investigators find potential evidence against cloud criminal activities and maintain the security and integrity of the information stored in the cloud. While great research in the area has been carried out concerning challenges and solutions, the research on methodologies and frameworks is still in its infancy. This article focuses on the methodological aspects of cloud forensics. It critically reviews cloud forensics' existing challenges and solutions, and it explores, based on a detailed review of the area, all the work that has been carried out both in digital and cloud forensic methodologies mainly for supporting the investigation of security incidents in cloud. Furthermore, the detailed comparison reveals similarities and drawbacks of the existing methodologies providing some novel future research directions. Finally, the specific paper can be considered as a starting point for researchers wishing to design cloud-forensicable services over the cloud.
Cloud computing is used by consumers to access cloud services. Malicious actors exploit vulnerabilities of cloud services to attack consumers. The link between these two assumptions is the cloud service. Although cloud forensics assists in the direction of investigating and solving cloud-based cyber-crimes, in many cases the design and implementation of cloud services falls back. Software designers and engineers should focus their attention on the design and implementation of cloud services that can be investigated in a forensic sound manner. This paper presents a methodology that aims on assisting designers to design cloud forensic-enabled services. The methodology supports the design of cloud services by implementing a number of steps to make the services cloud forensic-enabled. It consists of a set of cloud forensic constraints, a modelling language expressed through a conceptual model and a process based on the concepts identified and presented in the model. The main advantage of the proposed methodology is the correlation of cloud services' characteristics with the cloud investigation while providing software engineers the ability to design and implement cloud forensic-enabled services via the use of a set of predefined forensic related tasks.
Cloud computing technology attracted many Internet users and organizations the past few years and has become one of the hottest topics in IT. However, due to the newly appeared threats and challenges arisen in cloud computing, current methodologies and techniques are not designed for assisting the respective forensic processes in cloud environments. Challenges and issues introduced, require new solutions in cloud forensics. To date, the research conducted in this area concerns mostly the identification of the major challenges in cloud forensics. This paper focuses on the identification of the available technical solutions addressed in the respective literature that have an applicability on cloud computing. Furthermore it matches the identified solutions with the respective challenges already mentioned in the respective literature. Specifically, it summarizes the methods and the proposed solutions used to conduct an investigation, in comparison to the respective cloud challenges and finally it highlights the open problems in the area of cloud forensics.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.