Research Area:  Digital Forensics

Abstract:

The multi-tenant Cloud environment creates a plethora of both technical and legal difficulties for digital forensics. Digital forensics typically relies on the analysis of evidence images or residual data. Due to the distributed nature of cloud environments can cause the required dataset to scale rapidly. When coupled with diversely heterogeneous environments, the widespread uptake of anti-forensic data and encryption, privacy requirements and a non-standardised architecture across Cloud Service Providers (CSPs), attribution of any activity for a forensic investigation becomes a tedious task. This paper presents an architecture agnostic, privacy-preserving solution to reducing the digital forensics target search space of a investigation within cloud and edge computing environments which will leverage standard metering and network logs for efficient activity attribution.

Keywords:  
Anti-forenics
cloud forensics
traffic analysis
resource correlation

Author(s) Name:  Adeyinka Odebade; Thomas Welsh; Siyakha Mthunzi; Elhadj Benkhelifa

Publisher name:  IEEE

DOI:  10.1109/SDS.2017.7939155

Volume Information:  

Paper Link:   https://ieeexplore.ieee.org/abstract/document/7939155