Challenges of Cloud Log Forensics

Alobaidli, Hanan; Nasir, Qassim; Iqbal, Asif; Guimarães, Mário

doi:10.1145/3077286.3077302

Cited by 5 publications

(5 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Retrieval of information from log files: Log files are crucial for investigations, but gathering them from cloud computing environments is complex due to cloud haziness and multi-tenant simulations, as clients have access to the application programming interface (API) only, making monitoring impossible [ 107 ]. In the IaaS cloud model, logs are essential for understanding virtual machine (VM) behavior, but their effectiveness may be limited due to restrictions imposed by cloud providers on storage, access, or sharing among multiple users [ 108 , 109 ]. Cloud service providers often neglect or conceal log collection services, posing challenges such as decentralization, fluctuation, preservation, accessibility, non-existence, lack of important data, and non-compatible log forms [ 110 ].…”

Section: Cloud Forensic Challengesmentioning

confidence: 99%

Cloud Digital Forensics: Beyond Tools, Techniques, and Challenges

Malik,

Bhatti,

Park

et al. 2024

Sensors

View full text Add to dashboard Cite

Cloud computing technology is rapidly becoming ubiquitous and indispensable. However, its widespread adoption also exposes organizations and individuals to a broad spectrum of potential threats. Despite the multiple advantages the cloud offers, organizations remain cautious about migrating their data and applications to the cloud due to fears of data breaches and security compromises. In light of these concerns, this study has conducted an in-depth examination of a variety of articles to enhance the comprehension of the challenges related to safeguarding and fortifying data within the cloud environment. Furthermore, the research has scrutinized several well-documented data breaches, analyzing the financial consequences they inflicted. Additionally, it scrutinizes the distinctions between conventional digital forensics and the forensic procedures specific to cloud computing. As a result of this investigation, the study has concluded by proposing potential opportunities for further research in this critical domain. By doing so, it contributes to our collective understanding of the complex panorama of cloud data protection and security, while acknowledging the evolving nature of technology and the need for ongoing exploration and innovation in this field. This study also helps in understanding the compound annual growth rate (CAGR) of cloud digital forensics, which is found to be quite high at ≈16.53% from 2023 to 2031. Moreover, its market is expected to reach ≈USD 36.9 billion by the year 2031; presently, it is ≈USD 11.21 billion, which shows that there are great opportunities for investment in this area. This study also strategically addresses emerging challenges in cloud digital forensics, providing a comprehensive approach to navigating and overcoming the complexities associated with the evolving landscape of cloud computing.

show abstract

Section: Cloud Forensic Challengesmentioning

confidence: 99%

Cloud Digital Forensics: Beyond Tools, Techniques, and Challenges

Malik,

Bhatti,

Park

et al. 2024

Sensors

View full text Add to dashboard Cite

show abstract

“…Log files, one of the most crucial evidence artefacts in an investigation, must be retrieved, preserved, and maintained securely with their hash values to ensure their integrity. Research in cloud forensics has shown that log files retrieval, preservation, and maintaining the chain of custody are the primary concerns in this field [6,7,15,16].…”

Section: Background and Literature Reviewmentioning

confidence: 99%

Using Blockchain to Preserve Chain of Custody: Cloud Forensics Analysis (S)

Grabner,

Ahmed,

Baghaei

2023

International Conferences on Software Engineering and Knowledge Engineering

View full text Add to dashboard Cite

In the era of cloud computing, the focus of cyber criminals has shifted from traditional IT infrastructures to the cloud. Cyber forensic investigations in the cloud present several challenges due to legal obligations, technical limitations, and the dynamic nature of cloud resources. For instance, access to digital assets is crucial for practical analysis but is often hindered, as investigators may not have complete access to disk images or log files. The mainstream forensic frameworks and solutions for identifying, retrieving, and preserving evidence in the cloud are lacking. Yet, NIST has identified 65 cloud forensics challenges, with 13 related to log files alone. The preservation and integrity of forensic evidence are the backbones of a digital forensic investigation, and the chain of custody proves the authenticity of the evidence. However, cloud environments are not designed to handle digital evidence with integrity, leading to severe issues when presenting evidence in a court of law. This paper delves into the challenges of cloud forensics investigation, focusing on log files, and aims to identify potential solutions and frameworks to support the chain of custody. For that purpose, the authors evaluate the suitability of blockchain technology for maintaining a proper chain of custody of log files in the cloud. A prototype is implemented to serve as a proof of concept.

show abstract

“…Digital mobile cloud forensics is the process of detecting and deducing electronic data (Zawoad & Hasan, 2013). The aim of this is to protect available proof in its novel form while undertaking a well systematic enquiry through the identification of the issue, collection of data and authentication of the electronic/digital data with the objective of reconstructing past events (Alobaidli et al, 2017). The context of this is not limited to the law court though it is most used evidentially there.…”

Section: Related Literaturementioning

confidence: 99%

“…There are enormous challenges faced by the mobile cloud forensics that have not been adequately addressed yet by scholars to find the necessary solutions for such challenges. Acquisition of data in the cloud system remains the most dominant with other different difficulties (Alobaidli et al, 2017).…”

Section: Related Literaturementioning

confidence: 99%

Integration of Cloud in Mobile Forensics

Stuff¹

2022

AIMS Research Publication

View full text Add to dashboard Cite

With emerging technology and the connection of electronic devices to the internet, Internet of Things (IoT) has become part of human life. From the development of smartphones to smartwatches and smart-homes, electronic devices now have the capability of performing human activities or aiding humans in performing activities such as turning hall lights on or off with their voice. Although a large number of people use these devices for the greater good, a few individuals or group of people hide behind these devices to perform malicious activities. In order to apprehend and prosecute perpetuators who hide behind smart devices for evil gains, forensic examinations or investigations must be conducted. This review aims to identify digital forensic challenges in IoT. The inclusion criteria for this paper were international journals, articles, conference papers and case studies published from 2019 to 2022. Thematic analysis was used to analyze and synthesis the literature. Three themes emerged from the analysis; automated compromised smart-home tracer; data volatility and reconstruction; IoT forensic investigation framework. This integrative review combines evidence of digital forensic challenges in diverse IoT devices. Keyword IoT forensics, IoT challenges, Digital forensics, Smart-home forensics.

show abstract

Challenges of Cloud Log Forensics

Cited by 5 publications

References 13 publications

Cloud Digital Forensics: Beyond Tools, Techniques, and Challenges

Cloud Digital Forensics: Beyond Tools, Techniques, and Challenges

Using Blockchain to Preserve Chain of Custody: Cloud Forensics Analysis (S)

Integration of Cloud in Mobile Forensics

Contact Info

Product

Resources

About