SlideShare ist ein Scribd-Unternehmen logo

11.cyber forensics in cloud computing

Alexander Decker
Alexander Decker
TechnologieBusiness
1 von 9
Downloaden Sie, um offline zu lesen
Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 Cyber Forensics in Cloud Computing Arijit Paul1* Mayuri Kiran Anvekar1** Rishil Jacob1*** K. Chandra Sekaran1 1. Department of Computer Science and Engineering, NITK, Surathkal, India * Email: arijitpaul90@gmail.com ** Email: mayuri.anvekar@gmail.com *** Email: rjpunk@gmail.com Abstract Cloud computing is a broad and diverse phenomenon; much of the growth represents a transfer of traditional IT services to a new cloud model. Cloud computing is anticipated to be one of the most transformative technologies in the history of computing. Cloud organizations, including the providers and customers of cloud services, have yet to establish a well-defined forensic capability. Without this they are unable to ensure the robustness and suitability of their services to support investigations of criminal activity. In this paper, we take the first steps towards defining the new area of cloud forensics, and analyze its challenges and opportunities. Keywords: Cloud Computing, Software as a Service, Platform as a Service, Infrastructure as a Service, Signature-based Analysis, Behavior-based Analysis, Cloud Forensics. 1. Introduction to Cloud Computing Conceptual Model Cloud computing model supports convenient, on-demand software access via network access to a shared group of configurable computing devices (e.g., servers, networks, applications, services and storage) that can be released and fast provisioned with less management work and service provider interaction. There is no standard or single architectural method in cloud computing. This stands as the biggest challenge in this aspect. Therefore, it's best to view cloud architectures as a set of approaches, each with its own examples and capabilities. A cloud computing system is a set of IT resources designed to be allocated ad-hoc to run applications, rather than be assigned a static set of applications as is the case in client/server computing. In a cloud computing environment, a user (via a virtual desktop, for example) requests information from an application. The cloud computing environment must then broker resources to run that application. 1.1 Virtualization Virtualization is the key element in implementing cloud computing. Cloud Computing is defined as a pool of virtualized computer resources. Based on this Virtualization the Cloud Computing paradigm allows workloads to be deployed and scaled-out quickly through the rapid provisioning of virtual machines or physical machines. A Cloud Computing platform supports redundant, self-recovering, highly scalable programming models that allow workloads to recover from many inevitable hardware/software failures. A Cloud Computing platform is more than a collection of computer resources because it provides a mechanism to manage those resources. In a Cloud Computing platform software is migrating from the desktop into the "clouds" of the Internet, promising users anytime, anywhere access to their programs and data. The concept of cloud computing and how virtualization enables it offers many innovative opportunities to make the cloud environment more dynamic and versatile. VMware solutions are engineered and integrated to equip the cloud with a unique combination of benefits. Virtualization is the essential catalyst for cloud computing. We can see that by the following process: Firstly the user requests an application resource in a symbolic form (via URL). Secondly the 29
Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 cloud computing environment fields the request and assigns resources to the task. Thirdly resources are loaded with the required software. Finally the address of the resources is returned to the user and the application interaction proceeds. As this sequence shows, the most critical requirement for cloud computing is that users have a virtual view of their applications and should never refer to an application resource with a static address. Doing so would prevent the cloud from allocating resources flexibly. Since all cloud computing models must support a virtualized "front-end" interface to users, the management style of their virtual resources may be very different from one implementation to another. 1.2 Server-Virtualization The cloud computing system is divided into two sections as shown in Figure 1: the front end and the back end. They connect to each other through a network, usually the Internet. The front end is the client side (or the user end). The back end is the "cloud" section of the system. The front end includes the user’s computer and the application required to access the cloud computing system. All cloud computing systems do not have the same user interface. Services like Web-based e- mail programs leverage existing Web browsers like Internet Explorer or Firefox. Other systems have their own unique applications that provide network access to clients. On the back end of the system are the various servers and data storage systems that create the "cloud" of computing services. Normally, every application will have its own dedicated server to execute or run its applications. A central server administers the system, monitoring traffic and client demands to ensure everything runs efficiently and smoothly. It follows a set of rules called protocols and uses a special kind of software called middleware. Middleware allows the computer systems connected in the network to communicate with each other and exchange data. Usually, the servers do not run at full capacity which means that there is unused processing power going to waste. It is possible to overcome this problem by making a physical server act as if it is actually multiple servers, each running with its own independent operating system. The technique is called server virtualization. By maximizing the output of individual servers, server virtualization reduces the need for more physical machines. This helps in handling large amounts of loads which facilitates in scaling up and down of resources provided by the cloud. If a cloud computing company has a lot of clients, there's likely to be a high demand for a lot of storage space. Some companies require hundreds of digital storage devices. Cloud computing systems need at least twice the number of storage devices it requires to keep all its clients' information stored. That's because these devices, like all computers, occasionally break down. A cloud computing system must make a copy of all its clients' information and store it on other devices. The copies enable the central server to access backup machines to retrieve data that otherwise would be unreachable. 2. Proposed Cloud Computing Service Architecture Cloud computing delivers software, platform, and infrastructure as services, which are made available as services in a pay-per-use model to consumers. These services in industry are respectively referred to as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). These three fundamental classifications are often referred to as the “SPI Model”. The diagram describes the cloud architecture based on the SaaS, PaaS and IaaS deployment models. Understanding the relationships and dependencies between Cloud Computing models is critical to understanding Cloud Computing security risks. IaaS is the foundation of all cloud services, with PaaS building upon IaaS, and SaaS in turn building upon PaaS as described in the Cloud Reference Model diagram. In this way, just as capabilities are inherited, so are information security issues and risk. IaaS includes the entire infrastructure resource stack from the facilities to the hardware platforms that reside in them. It incorporates the capability to abstract resources, as well as deliver physical and logical 30
Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 connectivity to those resources. Ultimately, IaaS provides a set of APIs which allow management and other forms of interaction with the infrastructure by consumers. PaaS sits atop IaaS and adds an additional layer of integration with application development frameworks, middleware capabilities, and functions such as database, messaging, and queuing, which allow developers to build applications upon to the platform; and whose programming languages and tools are supported by the stack. SaaS in turn is built upon the underlying IaaS and PaaS stacks and provides a self-contained operating environment used to deliver the entire user experience including the content, its presentation, the applications, and management capabilities. PaaS is similar to IaaS, except that the service includes a specific set of programming languages and tools (the platform). Generally aimed at the developer community, PaaS is analogous to an on-premises application server, only with elasticity and other cloud-computing features. Since platform software is fixed with the service, PaaS places restrictions on the applications that can be built. SaaS is essentially the delivery of conventional IT applications to end users over the Internet. SaaS is analogous to a client/server model, except that the server is replaced by the SaaS provider’s data center, the clients are web browsers on desktops, and the service offers cloud computing benefits such as elasticity and pay-as-you-consume metering. SaaS gained a foothold with universal applications such as email and Customer Relationship Management (CRM) applications like Salesforce.com. 3. Comparison of the Three Service Layers of Cloud Architecture The three cloud computing service models can be viewed as a stack as depicted in Figure 3, with each layer increasing in specificity, while decreasing control of the underlying resources. The three layers sit above a virtualization layer, which itself sits above the physical servers, storages, and network hardware. It should therefore be clear that there are significant trade-offs to each model in terms of integrated features, complexity and security. Trade-offs between the three cloud-deployment models includes: • SaaS provides the most integrated functionality built directly into the offering, with the least consumer extensibility, and a relatively high level of integrated security. • PaaS is intended to enable developers to build their own applications on top of the platform. As a result it tends to be more extensible than SaaS, at the expense of customer ready features. This tradeoff extends to security features and capabilities, where the built-in capabilities are less complete, but there is more flexibility to layer on additional security. • IaaS provides few if any application-like features, but enormous extensibility. This generally means less integrated security capabilities and functionality beyond protecting the infrastructure itself. This model requires that operating systems, applications, and content be managed and secured by the cloud consumer. The key point for security architecture is that the lower down the stack the cloud service provider stops, the more security capabilities and management consumers are responsible for implementing and managing themselves. In the case of SaaS, this means that service levels, security, compliance, and expectations of the service and provider are predetermined, managed, and enforced. In the case of PaaS or IaaS it is the responsibility of the consumer’s system administrators to effectively manage the same, with some compensation by the provider for securing the underlying platform and infrastructure components to ensure basic service availability and security. 4. Proposed Cloud Forensics Steps The growth in networking connectivity, complexity and activity has been accompanied by an increase in the number of crimes committed within networks, forcing both enterprises and law enforcement to undertake highly specialized investigations. Forensic analysis, the methodical investigation of a crime scene, presents special difficulties in the virtual world. What is problematic for an investigator to do 31
Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 within a computer, making sense out of fragile digital data arranged in obscure and complex ways, can be very difficult within the significantly larger digital context of the network. Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents. It helps in identifying unauthorized access to computer system, and searches for evidence in case of such an occurrence. Network forensics is the ability to investigate, at a network level, things taking place or that have taken place across an IT system. The ultimate goal of network forensics is to provide sufficient evidence to allow the criminal perpetrator to be successfully prosecuted. The practical application of Network Forensics could be in areas such as hacking, fraud, insurance companies, data theft—industrial espionage, defamation, narcotics trafficking, credit card cloning, software piracy, electoral law, obscene publication, and discrimination. One of the challenges in forensics is establishing of snapshots of the system in operation. But in this case one can question if this is good enough for such a "vast" and possibly globally distributed ecosystem. Let’s take the instance of malware injected into the kernel space of a system- it is possible that it may be programmed to modify data or functionality or both. We propose that since data may be present or available in a given configuration for a limited time or be staged through different levels of storage hierarchies, we can place bounds on events in question so as to be able to capture events of interest completely and hence it will be easier to keep track of events in the cloud. The steps to be followed in forensic investigation are depicted in the proposed design described in Figure – 4. 4.1 Collection and Storage of Data Initially, to protect the data in the database, we would collect the data and store it in encrypted form. The data collection step collects all sorts of data like login, IP address etc. It mainly finishes collecting and storing network data. All the activities done in the network via a system can be stored in the database for future investigation. Forensics analysis can be initiated on a time-basis, i.e. after some time period. During this time, whatever changes have been made in the system can be collected and saved in the database, which will be taken into consideration while performing the analysis. A time- stamp can also be maintained to keep only recent modifications in the database, while removing the old ones to save memory. A checklist of malicious activities needs to be maintained as well, which will help us identify the restricted activities. This information needs to be monitored over for constant update due to the rapid growth of crime in the world. To detect an intrusion, we need examine data describing the environment’s state. The event auditor can monitor the data that the analyzers are accessing. The first component monitors message exchange between nodes. Although audit information about the communication between nodes is being captured, no network data is taken into account—only node information. The second component monitors the middleware logging system. For each action occurring in a node, a log entry is created containing the action’s type (such as error, alert, or warning), the event that generated it, and the message. With this kind of data, it’s possible to identify an ongoing intrusion. 4.1.1 Signature-Based Method Also called as Knowledge-based intrusion detection, is the most often applied technique in the field because it results in a low false-alarm rate and high positive rates, although it can’t detect unknown attack patterns. It uses rules (also called signatures) and monitors a stream of events to find malicious characteristics. 4.1.2. Behavior-Based Method Numerous methods exist for behavior-based intrusion detection, such as data mining, artificial neural networks, and artificial immunological systems. We will use a feed-forward artificial neural network, because—in contrast to traditional methods—this type of network can quickly process information, 32
Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 has self-learning capabilities, and can tolerate small behavior deviations. These features help overcome some limitations which are there with traditional attacks. Using this method, we need to recognize expected behavior (legitimate use) or a severe behavior deviation. Training plays a key role in the pattern recognition that feed-forward networks perform. The network must be correctly trained to efficiently detect intrusions. For a given intrusion sample set, the network learns to identify the intrusions using its retro propagation algorithm. However, we focus on identifying user behavioral patterns and deviations from such patterns. With this strategy, we can cover a wider range of unknown attacks. Behavior Analysis dictates how to compare recent user actions to the usual behavior. System needs to recognize expected behavior or deviation from regular behavior. With this strategy, we can cover a wider range of unknown attacks. This is performed on learned behavior that can’t be modified without losing the previous learning. Generating rules is the key element in this technique—it helps the expert system recognize newly discovered attacks. Creating a rule consists of defining the set of conditions that represent the attack. 4.2 Forensics Analysis Using Network Tools The forensics analysis module includes working with various tools to gather information on the present status of the network. This information will be used to check for misbehavior later on. These tools allow us to know the current scenario like the activities carried out by a user at a particular IP address, or the sites accessed by him/her, or recovery of passwords using methods such as network packet sniffing, cracking various password hashes etc. This information collected is then either used directly for invasion detection or are saved in the database to be used for detection in future. 4.3 Invasion Detection Invasion Detection module is the core of system, where the stored information is send for signature based analysis. In this method, all the data which has been collected so far is evaluated against the restricted checklist currently available in the database. This will allow us to detect whether an intrusion has occurred in the system. This is done by using pattern matching techniques where the occurrence of a sequence of tokens from the available checklist is matched with the inputted string (collected data). If match is successful, then alarm is generated and the detected network data is saved and logged in the result database, so that not only the original data is saved in the database, but also the data of invasion analysis. 4.4 Logging the Result in the Database The result of the analysis is gathered together and depicted in a presentable and acceptable manner. Using the result obtained and conducting flow statistical analysis on data, invasion data restoration, and inquiry analysis, a detailed invasion report can be generated to be presented to the higher authorities. Some new virus, new invasion methods of hacker and tools which can’t be detected during invasion detecting and module analysis can be explored and worked upon to be saved in the checklist. References http://www.cloudcomputingmodel.com/ http://www.vmware.com/solutions/cloud-computing/index.html http://www.cloudcomputingarchitecture.net/ http://www.tatacommunications.com/downloads/whitepapers/Tata_Communications_IaaS_WhitePaper_v2. 0-web 33
Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 “Oracle Platform as a Service (PaaS) FAQ”; platform-as-a-service-faq-v4-444924 Platform-as-a-Service Private Cloud with Oracle Fusion Middleware, An Oracle White Paper, October 2009 Keyun Ruan, Prof. Joe Carthy, Prof. Tahar Kechadi, Mark Crosbie, Cloud forensics: An overview, Centre for Cybercrime Ivestigation, University College Dublin. http://www.sei.cmu.edu/library/assets/presentations/Cloud%20Computing%20Architecture%20- %20Gerald%20Kaefer.pdf Computer and Network Forensics Evidence Investigation Tools, http://www.edecision4u.com/ Network Forensics, http://en.wikipedia.org/wiki/Network_forensics Resource Centre for Cyber Forensics India, http://www.cyberforensics.in/(A(cos8NMWQywEkAAAAODMwODM4YWMtNWFmZC00ZWNhLThk NDEtNTlhMWM3MGE5MzA5hkCziwldj9ts_CCtkjYQI68akds1))/Research/NetworkForensics.aspx Figure 1. Software Server - Virtualization Layer 34
Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 Figure 2. Proposed Cloud Architecture Figure 3. The SPI Layers of Cloud Computing Service Model 35
Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 Figure 4. Proposed design and Implementation Steps 36
International Journals Call for Paper The IISTE, a U.S. publisher, is currently hosting the academic journals listed below. The peer review process of the following journals usually takes LESS THAN 14 business days and IISTE usually publishes a qualified article within 30 days. Authors should send their full paper to the following email address. More information can be found in the IISTE website : www.iiste.org Business, Economics, Finance and Management PAPER SUBMISSION EMAIL European Journal of Business and Management EJBM@iiste.org Research Journal of Finance and Accounting RJFA@iiste.org Journal of Economics and Sustainable Development JESD@iiste.org Information and Knowledge Management IKM@iiste.org Developing Country Studies DCS@iiste.org Industrial Engineering Letters IEL@iiste.org Physical Sciences, Mathematics and Chemistry PAPER SUBMISSION EMAIL Journal of Natural Sciences Research JNSR@iiste.org Chemistry and Materials Research CMR@iiste.org Mathematical Theory and Modeling MTM@iiste.org Advances in Physics Theories and Applications APTA@iiste.org Chemical and Process Engineering Research CPER@iiste.org Engineering, Technology and Systems PAPER SUBMISSION EMAIL Computer Engineering and Intelligent Systems CEIS@iiste.org Innovative Systems Design and Engineering ISDE@iiste.org Journal of Energy Technologies and Policy JETP@iiste.org Information and Knowledge Management IKM@iiste.org Control Theory and Informatics CTI@iiste.org Journal of Information Engineering and Applications JIEA@iiste.org Industrial Engineering Letters IEL@iiste.org Network and Complex Systems NCS@iiste.org Environment, Civil, Materials Sciences PAPER SUBMISSION EMAIL Journal of Environment and Earth Science JEES@iiste.org Civil and Environmental Research CER@iiste.org Journal of Natural Sciences Research JNSR@iiste.org Civil and Environmental Research CER@iiste.org Life Science, Food and Medical Sciences PAPER SUBMISSION EMAIL Journal of Natural Sciences Research JNSR@iiste.org Journal of Biology, Agriculture and Healthcare JBAH@iiste.org Food Science and Quality Management FSQM@iiste.org Chemistry and Materials Research CMR@iiste.org Education, and other Social Sciences PAPER SUBMISSION EMAIL Journal of Education and Practice JEP@iiste.org Journal of Law, Policy and Globalization JLPG@iiste.org Global knowledge sharing: New Media and Mass Communication NMMC@iiste.org EBSCO, Index Copernicus, Ulrich's Journal of Energy Technologies and Policy JETP@iiste.org Periodicals Directory, JournalTOCS, PKP Historical Research Letter HRL@iiste.org Open Archives Harvester, Bielefeld Academic Search Engine, Elektronische Public Policy and Administration Research PPAR@iiste.org Zeitschriftenbibliothek EZB, Open J-Gate, International Affairs and Global Strategy IAGS@iiste.org OCLC WorldCat, Universe Digtial Library , Research on Humanities and Social Sciences RHSS@iiste.org NewJour, Google Scholar. Developing Country Studies DCS@iiste.org IISTE is member of CrossRef. All journals Arts and Design Studies ADS@iiste.org have high IC Impact Factor Values (ICV).

Empfohlen

Cloud Computing Forensic Science
Cloud Computing Forensic Science Cloud Computing Forensic Science
Cloud Computing Forensic Science David Sweigert
 
Security and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewSecurity and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewragibhasan
 
The Death Of Computer Forensics: Digital Forensics After the Singularity
The Death Of Computer Forensics: Digital Forensics After the SingularityThe Death Of Computer Forensics: Digital Forensics After the Singularity
The Death Of Computer Forensics: Digital Forensics After the SingularityTech and Law Center
 
Cloud-forensics
Cloud-forensicsCloud-forensics
Cloud-forensicsanupriti
 
Cloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionCloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionIJERA Editor
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER) International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER) ijceronline
 
Exploring Cloud Encryption
Exploring Cloud EncryptionExploring Cloud Encryption
Exploring Cloud EncryptionSamuel Borthwick
 
Research Paper Digital Forensics on Google Cloud Platform
Research Paper Digital Forensics on Google Cloud PlatformResearch Paper Digital Forensics on Google Cloud Platform
Research Paper Digital Forensics on Google Cloud PlatformSamuel Borthwick
 

Empfohlen

Cloud Computing Forensic Science
Cloud Computing Forensic Science Cloud Computing Forensic Science
Cloud Computing Forensic Science David Sweigert
 
Security and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewSecurity and Privacy in Cloud Computing - a High-level view
Security and Privacy in Cloud Computing - a High-level viewragibhasan
 
The Death Of Computer Forensics: Digital Forensics After the Singularity
The Death Of Computer Forensics: Digital Forensics After the SingularityThe Death Of Computer Forensics: Digital Forensics After the Singularity
The Death Of Computer Forensics: Digital Forensics After the SingularityTech and Law Center
 
Cloud-forensics
Cloud-forensicsCloud-forensics
Cloud-forensicsanupriti
 
Cloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionCloud Forensics: Drawbacks in Current Methodologies and Proposed Solution
Cloud Forensics: Drawbacks in Current Methodologies and Proposed SolutionIJERA Editor
 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER) International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER) ijceronline
 
Exploring Cloud Encryption
Exploring Cloud EncryptionExploring Cloud Encryption
Exploring Cloud EncryptionSamuel Borthwick
 
Research Paper Digital Forensics on Google Cloud Platform
Research Paper Digital Forensics on Google Cloud PlatformResearch Paper Digital Forensics on Google Cloud Platform
Research Paper Digital Forensics on Google Cloud PlatformSamuel Borthwick
 
Challenges and Proposed Solutions for Cloud Forensic
Challenges and Proposed Solutions for Cloud ForensicChallenges and Proposed Solutions for Cloud Forensic
Challenges and Proposed Solutions for Cloud ForensicIJERA Editor
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
 
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...IRJET Journal
 
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTING
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTINGSECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTING
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTINGIJNSA Journal
 
Cloud computing: Legal and ethical issues in library and information services
Cloud computing: Legal and ethical issues in library and information servicesCloud computing: Legal and ethical issues in library and information services
Cloud computing: Legal and ethical issues in library and information servicese-Marefa
 
E Discovery Cloud
E Discovery CloudE Discovery Cloud
E Discovery Cloudgjohansen
 
IT Solutions for 3 Common Small Business Problems
IT Solutions for 3 Common Small Business ProblemsIT Solutions for 3 Common Small Business Problems
IT Solutions for 3 Common Small Business ProblemsBrooke Bordelon
 
pay as you decrypt decryption outsourcing for functional encryption using blo...
pay as you decrypt decryption outsourcing for functional encryption using blo...pay as you decrypt decryption outsourcing for functional encryption using blo...
pay as you decrypt decryption outsourcing for functional encryption using blo...Venkat Projects
 
Data Integrity proofs in cloud storage
Data Integrity proofs in cloud storageData Integrity proofs in cloud storage
Data Integrity proofs in cloud storageSameer Mohd
 
Privacy and Integrity Preserving in Cloud Storage Devices
Privacy and Integrity Preserving in Cloud Storage DevicesPrivacy and Integrity Preserving in Cloud Storage Devices
Privacy and Integrity Preserving in Cloud Storage DevicesIOSR Journals
 
Improve HLA based Encryption Process using fixed Size Aggregate Key generation
Improve HLA based Encryption Process using fixed Size Aggregate Key generationImprove HLA based Encryption Process using fixed Size Aggregate Key generation
Improve HLA based Encryption Process using fixed Size Aggregate Key generationEditor IJMTER
 
Security Problem With Cloud Computing
Security Problem With Cloud ComputingSecurity Problem With Cloud Computing
Security Problem With Cloud ComputingMartin Bioh
 
Attaining data security in cloud computing
Attaining data security in cloud computingAttaining data security in cloud computing
Attaining data security in cloud computingGopinath Muthusamy
 
Secure Data Sharing In an Untrusted Cloud
Secure Data Sharing In an Untrusted CloudSecure Data Sharing In an Untrusted Cloud
Secure Data Sharing In an Untrusted CloudIJERA Editor
 
The Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud ComputingThe Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud ComputingAnkit Singh
 
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...IRJET Journal
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingEr. Saba karim
 
A Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud ComputingA Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud Computingvivatechijri
 
Analysis of classical encryption techniques in cloud computing
Analysis of classical encryption techniques in cloud computingAnalysis of classical encryption techniques in cloud computing
Analysis of classical encryption techniques in cloud computingredpel dot com
 
Cloud Application Logging for Forensics
Cloud Application Logging for ForensicsCloud Application Logging for Forensics
Cloud Application Logging for ForensicsRaffael Marty
 
Cloud Forensics- An IS Approach
Cloud Forensics- An IS ApproachCloud Forensics- An IS Approach
Cloud Forensics- An IS ApproachIOSR Journals
 
Adding event reconstruction to a cloud forensic readiness
Adding event reconstruction to a cloud forensic readinessAdding event reconstruction to a cloud forensic readiness
Adding event reconstruction to a cloud forensic readinessVictor Kebande
 

Weitere ähnliche Inhalte

Was ist angesagt?

Challenges and Proposed Solutions for Cloud Forensic
Challenges and Proposed Solutions for Cloud ForensicChallenges and Proposed Solutions for Cloud Forensic
Challenges and Proposed Solutions for Cloud ForensicIJERA Editor
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGIJNSA Journal
 
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...IRJET Journal
 
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTING
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTINGSECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTING
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTINGIJNSA Journal
 
Cloud computing: Legal and ethical issues in library and information services
Cloud computing: Legal and ethical issues in library and information servicesCloud computing: Legal and ethical issues in library and information services
Cloud computing: Legal and ethical issues in library and information servicese-Marefa
 
E Discovery Cloud
E Discovery CloudE Discovery Cloud
E Discovery Cloudgjohansen
 
IT Solutions for 3 Common Small Business Problems
IT Solutions for 3 Common Small Business ProblemsIT Solutions for 3 Common Small Business Problems
IT Solutions for 3 Common Small Business ProblemsBrooke Bordelon
 
pay as you decrypt decryption outsourcing for functional encryption using blo...
pay as you decrypt decryption outsourcing for functional encryption using blo...pay as you decrypt decryption outsourcing for functional encryption using blo...
pay as you decrypt decryption outsourcing for functional encryption using blo...Venkat Projects
 
Data Integrity proofs in cloud storage
Data Integrity proofs in cloud storageData Integrity proofs in cloud storage
Data Integrity proofs in cloud storageSameer Mohd
 
Privacy and Integrity Preserving in Cloud Storage Devices
Privacy and Integrity Preserving in Cloud Storage DevicesPrivacy and Integrity Preserving in Cloud Storage Devices
Privacy and Integrity Preserving in Cloud Storage DevicesIOSR Journals
 
Improve HLA based Encryption Process using fixed Size Aggregate Key generation
Improve HLA based Encryption Process using fixed Size Aggregate Key generationImprove HLA based Encryption Process using fixed Size Aggregate Key generation
Improve HLA based Encryption Process using fixed Size Aggregate Key generationEditor IJMTER
 
Security Problem With Cloud Computing
Security Problem With Cloud ComputingSecurity Problem With Cloud Computing
Security Problem With Cloud ComputingMartin Bioh
 
Attaining data security in cloud computing
Attaining data security in cloud computingAttaining data security in cloud computing
Attaining data security in cloud computingGopinath Muthusamy
 
Secure Data Sharing In an Untrusted Cloud
Secure Data Sharing In an Untrusted CloudSecure Data Sharing In an Untrusted Cloud
Secure Data Sharing In an Untrusted CloudIJERA Editor
 
The Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud ComputingThe Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud ComputingAnkit Singh
 
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...IRJET Journal
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computingEr. Saba karim
 
A Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud ComputingA Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud Computingvivatechijri
 
Analysis of classical encryption techniques in cloud computing
Analysis of classical encryption techniques in cloud computingAnalysis of classical encryption techniques in cloud computing
Analysis of classical encryption techniques in cloud computingredpel dot com
 

Was ist angesagt? (19)

Challenges and Proposed Solutions for Cloud Forensic
Challenges and Proposed Solutions for Cloud ForensicChallenges and Proposed Solutions for Cloud Forensic
Challenges and Proposed Solutions for Cloud Forensic
 
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTINGBIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
BIOMETRIC SMARTCARD AUTHENTICATION FOR FOG COMPUTING
 
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...
IRJET- Mutual Key Oversight Procedure for Cloud Security and Distribution of ...
 
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTING
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTINGSECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTING
SECURE THIRD PARTY AUDITOR (TPA) FOR ENSURING DATA INTEGRITY IN FOG COMPUTING
 
Cloud computing: Legal and ethical issues in library and information services
Cloud computing: Legal and ethical issues in library and information servicesCloud computing: Legal and ethical issues in library and information services
Cloud computing: Legal and ethical issues in library and information services
 
E Discovery Cloud
E Discovery CloudE Discovery Cloud
E Discovery Cloud
 
IT Solutions for 3 Common Small Business Problems
IT Solutions for 3 Common Small Business ProblemsIT Solutions for 3 Common Small Business Problems
IT Solutions for 3 Common Small Business Problems
 
pay as you decrypt decryption outsourcing for functional encryption using blo...
pay as you decrypt decryption outsourcing for functional encryption using blo...pay as you decrypt decryption outsourcing for functional encryption using blo...
pay as you decrypt decryption outsourcing for functional encryption using blo...
 
Data Integrity proofs in cloud storage
Data Integrity proofs in cloud storageData Integrity proofs in cloud storage
Data Integrity proofs in cloud storage
 
Privacy and Integrity Preserving in Cloud Storage Devices
Privacy and Integrity Preserving in Cloud Storage DevicesPrivacy and Integrity Preserving in Cloud Storage Devices
Privacy and Integrity Preserving in Cloud Storage Devices
 
Improve HLA based Encryption Process using fixed Size Aggregate Key generation
Improve HLA based Encryption Process using fixed Size Aggregate Key generationImprove HLA based Encryption Process using fixed Size Aggregate Key generation
Improve HLA based Encryption Process using fixed Size Aggregate Key generation
 
Security Problem With Cloud Computing
Security Problem With Cloud ComputingSecurity Problem With Cloud Computing
Security Problem With Cloud Computing
 
Attaining data security in cloud computing
Attaining data security in cloud computingAttaining data security in cloud computing
Attaining data security in cloud computing
 
Secure Data Sharing In an Untrusted Cloud
Secure Data Sharing In an Untrusted CloudSecure Data Sharing In an Untrusted Cloud
Secure Data Sharing In an Untrusted Cloud
 
The Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud ComputingThe Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud Computing
 
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
Privacy Preserving in Authentication Protocol for Shared Authority Based Clou...
 
Security in cloud computing
Security in cloud computingSecurity in cloud computing
Security in cloud computing
 
A Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud ComputingA Study of Data Storage Security Issues in Cloud Computing
A Study of Data Storage Security Issues in Cloud Computing
 
Analysis of classical encryption techniques in cloud computing
Analysis of classical encryption techniques in cloud computingAnalysis of classical encryption techniques in cloud computing
Analysis of classical encryption techniques in cloud computing
 

Andere mochten auch

Cloud Application Logging for Forensics
Cloud Application Logging for ForensicsCloud Application Logging for Forensics
Cloud Application Logging for ForensicsRaffael Marty
 
Cloud Forensics- An IS Approach
Cloud Forensics- An IS ApproachCloud Forensics- An IS Approach
Cloud Forensics- An IS ApproachIOSR Journals
 
Adding event reconstruction to a cloud forensic readiness
Adding event reconstruction to a cloud forensic readinessAdding event reconstruction to a cloud forensic readiness
Adding event reconstruction to a cloud forensic readinessVictor Kebande
 
Memory forensics using VMI for cloud computing
Memory forensics using VMI for cloud computingMemory forensics using VMI for cloud computing
Memory forensics using VMI for cloud computingPriyanka Aash
 
Cloud Monitoring And Forensic Using Security Metrics
Cloud Monitoring And Forensic Using Security MetricsCloud Monitoring And Forensic Using Security Metrics
Cloud Monitoring And Forensic Using Security MetricsSandeep Saxena
 
Cloud Forensics
Cloud ForensicsCloud Forensics
Cloud Forensicssdavis532
 
(130928) #fitalk cloud storage forensics - dropbox
(130928) #fitalk cloud storage forensics - dropbox(130928) #fitalk cloud storage forensics - dropbox
(130928) #fitalk cloud storage forensics - dropboxINSIGHT FORENSIC
 

Andere mochten auch (7)

Cloud Application Logging for Forensics
Cloud Application Logging for ForensicsCloud Application Logging for Forensics
Cloud Application Logging for Forensics
 
Cloud Forensics- An IS Approach
Cloud Forensics- An IS ApproachCloud Forensics- An IS Approach
Cloud Forensics- An IS Approach
 
Adding event reconstruction to a cloud forensic readiness
Adding event reconstruction to a cloud forensic readinessAdding event reconstruction to a cloud forensic readiness
Adding event reconstruction to a cloud forensic readiness
 
Memory forensics using VMI for cloud computing
Memory forensics using VMI for cloud computingMemory forensics using VMI for cloud computing
Memory forensics using VMI for cloud computing
 
Cloud Monitoring And Forensic Using Security Metrics
Cloud Monitoring And Forensic Using Security MetricsCloud Monitoring And Forensic Using Security Metrics
Cloud Monitoring And Forensic Using Security Metrics
 
Cloud Forensics
Cloud ForensicsCloud Forensics
Cloud Forensics
 
(130928) #fitalk cloud storage forensics - dropbox
(130928) #fitalk cloud storage forensics - dropbox(130928) #fitalk cloud storage forensics - dropbox
(130928) #fitalk cloud storage forensics - dropbox
 

Ähnlich wie 11.cyber forensics in cloud computing

Oruta phase1 report
Oruta phase1 reportOruta phase1 report
Oruta phase1 reportsuthi
 
Cloud Computing: Overview & Utility
Cloud Computing: Overview & UtilityCloud Computing: Overview & Utility
Cloud Computing: Overview & Utilityiosrjce
 
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...iosrjce
 
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...IJTET Journal
 
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...IJTET Journal
 
Load Balancing In Cloud Computing:A Review
Load Balancing In Cloud Computing:A ReviewLoad Balancing In Cloud Computing:A Review
Load Balancing In Cloud Computing:A ReviewIOSR Journals
 
cloud computing documentation
cloud computing documentationcloud computing documentation
cloud computing documentationshilpa bojji
 
02_Cloud-Intro.pdf cloud introduction introduction
02_Cloud-Intro.pdf cloud introduction introduction02_Cloud-Intro.pdf cloud introduction introduction
02_Cloud-Intro.pdf cloud introduction introductionAslamHossain30
 
Cloud computing security through symmetric cipher model
Cloud computing security through symmetric cipher modelCloud computing security through symmetric cipher model
Cloud computing security through symmetric cipher modelijcsit
 
Cloud Computing Security Issues in Infrastructure as a Service” report
Cloud Computing Security Issues in Infrastructure as a Service” reportCloud Computing Security Issues in Infrastructure as a Service” report
Cloud Computing Security Issues in Infrastructure as a Service” reportVivek Maurya
 

Ähnlich wie 11.cyber forensics in cloud computing (20)

Oruta phase1 report
Oruta phase1 reportOruta phase1 report
Oruta phase1 report
 
Cloud Computing: Overview & Utility
Cloud Computing: Overview & UtilityCloud Computing: Overview & Utility
Cloud Computing: Overview & Utility
 
G017324043
G017324043G017324043
G017324043
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
A REVIEW ON RESOURCE ALLOCATION MECHANISM IN CLOUD ENVIORNMENT
A REVIEW ON RESOURCE ALLOCATION MECHANISM IN CLOUD ENVIORNMENTA REVIEW ON RESOURCE ALLOCATION MECHANISM IN CLOUD ENVIORNMENT
A REVIEW ON RESOURCE ALLOCATION MECHANISM IN CLOUD ENVIORNMENT
 
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
Design & Development of a Trustworthy and Secure Billing System for Cloud Com...
 
A017620123
A017620123A017620123
A017620123
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...
 
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...
A Secure Cloud Storage System with Data Forwarding using Proxy Re-encryption ...
 
Cc unit 3 updated version
Cc unit 3 updated versionCc unit 3 updated version
Cc unit 3 updated version
 
Load Balancing In Cloud Computing:A Review
Load Balancing In Cloud Computing:A ReviewLoad Balancing In Cloud Computing:A Review
Load Balancing In Cloud Computing:A Review
 
cloud computing documentation
cloud computing documentationcloud computing documentation
cloud computing documentation
 
02_Cloud-Intro.pdf cloud introduction introduction
02_Cloud-Intro.pdf cloud introduction introduction02_Cloud-Intro.pdf cloud introduction introduction
02_Cloud-Intro.pdf cloud introduction introduction
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud computing security through symmetric cipher model
Cloud computing security through symmetric cipher modelCloud computing security through symmetric cipher model
Cloud computing security through symmetric cipher model
 
The Cloud Of Cloud Computing Essay
The Cloud Of Cloud Computing EssayThe Cloud Of Cloud Computing Essay
The Cloud Of Cloud Computing Essay
 
Cloud Computing Security Issues in Infrastructure as a Service” report
Cloud Computing Security Issues in Infrastructure as a Service” reportCloud Computing Security Issues in Infrastructure as a Service” report
Cloud Computing Security Issues in Infrastructure as a Service” report
 
484 488
484 488484 488
484 488
 

Mehr von Alexander Decker

Abnormalities of hormones and inflammatory cytokines in women affected with p...
Abnormalities of hormones and inflammatory cytokines in women affected with p...Abnormalities of hormones and inflammatory cytokines in women affected with p...
Abnormalities of hormones and inflammatory cytokines in women affected with p...Alexander Decker
 
A validation of the adverse childhood experiences scale in
A validation of the adverse childhood experiences scale inA validation of the adverse childhood experiences scale in
A validation of the adverse childhood experiences scale inAlexander Decker
 
A usability evaluation framework for b2 c e commerce websites
A usability evaluation framework for b2 c e commerce websitesA usability evaluation framework for b2 c e commerce websites
A usability evaluation framework for b2 c e commerce websitesAlexander Decker
 
A universal model for managing the marketing executives in nigerian banks
A universal model for managing the marketing executives in nigerian banksA universal model for managing the marketing executives in nigerian banks
A universal model for managing the marketing executives in nigerian banksAlexander Decker
 
A unique common fixed point theorems in generalized d
A unique common fixed point theorems in generalized dA unique common fixed point theorems in generalized d
A unique common fixed point theorems in generalized dAlexander Decker
 
A trends of salmonella and antibiotic resistance
A trends of salmonella and antibiotic resistanceA trends of salmonella and antibiotic resistance
A trends of salmonella and antibiotic resistanceAlexander Decker
 
A transformational generative approach towards understanding al-istifham
A transformational generative approach towards understanding al-istifhamA transformational generative approach towards understanding al-istifham
A transformational generative approach towards understanding al-istifhamAlexander Decker
 
A time series analysis of the determinants of savings in namibia
A time series analysis of the determinants of savings in namibiaA time series analysis of the determinants of savings in namibia
A time series analysis of the determinants of savings in namibiaAlexander Decker
 
A therapy for physical and mental fitness of school children
A therapy for physical and mental fitness of school childrenA therapy for physical and mental fitness of school children
A therapy for physical and mental fitness of school childrenAlexander Decker
 
A theory of efficiency for managing the marketing executives in nigerian banks
A theory of efficiency for managing the marketing executives in nigerian banksA theory of efficiency for managing the marketing executives in nigerian banks
A theory of efficiency for managing the marketing executives in nigerian banksAlexander Decker
 
A systematic evaluation of link budget for
A systematic evaluation of link budget forA systematic evaluation of link budget for
A systematic evaluation of link budget forAlexander Decker
 
A synthetic review of contraceptive supplies in punjab
A synthetic review of contraceptive supplies in punjabA synthetic review of contraceptive supplies in punjab
A synthetic review of contraceptive supplies in punjabAlexander Decker
 
A synthesis of taylor’s and fayol’s management approaches for managing market...
A synthesis of taylor’s and fayol’s management approaches for managing market...A synthesis of taylor’s and fayol’s management approaches for managing market...
A synthesis of taylor’s and fayol’s management approaches for managing market...Alexander Decker
 
A survey paper on sequence pattern mining with incremental
A survey paper on sequence pattern mining with incrementalA survey paper on sequence pattern mining with incremental
A survey paper on sequence pattern mining with incrementalAlexander Decker
 
A survey on live virtual machine migrations and its techniques
A survey on live virtual machine migrations and its techniquesA survey on live virtual machine migrations and its techniques
A survey on live virtual machine migrations and its techniquesAlexander Decker
 
A survey on data mining and analysis in hadoop and mongo db
A survey on data mining and analysis in hadoop and mongo dbA survey on data mining and analysis in hadoop and mongo db
A survey on data mining and analysis in hadoop and mongo dbAlexander Decker
 
A survey on challenges to the media cloud
A survey on challenges to the media cloudA survey on challenges to the media cloud
A survey on challenges to the media cloudAlexander Decker
 
A survey of provenance leveraged
A survey of provenance leveragedA survey of provenance leveraged
A survey of provenance leveragedAlexander Decker
 
A survey of private equity investments in kenya
A survey of private equity investments in kenyaA survey of private equity investments in kenya
A survey of private equity investments in kenyaAlexander Decker
 
A study to measures the financial health of
A study to measures the financial health ofA study to measures the financial health of
A study to measures the financial health ofAlexander Decker
 

Mehr von Alexander Decker (20)

Abnormalities of hormones and inflammatory cytokines in women affected with p...
Abnormalities of hormones and inflammatory cytokines in women affected with p...Abnormalities of hormones and inflammatory cytokines in women affected with p...
Abnormalities of hormones and inflammatory cytokines in women affected with p...
 
A validation of the adverse childhood experiences scale in
A validation of the adverse childhood experiences scale inA validation of the adverse childhood experiences scale in
A validation of the adverse childhood experiences scale in
 
A usability evaluation framework for b2 c e commerce websites
A usability evaluation framework for b2 c e commerce websitesA usability evaluation framework for b2 c e commerce websites
A usability evaluation framework for b2 c e commerce websites
 
A universal model for managing the marketing executives in nigerian banks
A universal model for managing the marketing executives in nigerian banksA universal model for managing the marketing executives in nigerian banks
A universal model for managing the marketing executives in nigerian banks
 
A unique common fixed point theorems in generalized d
A unique common fixed point theorems in generalized dA unique common fixed point theorems in generalized d
A unique common fixed point theorems in generalized d
 
A trends of salmonella and antibiotic resistance
A trends of salmonella and antibiotic resistanceA trends of salmonella and antibiotic resistance
A trends of salmonella and antibiotic resistance
 
A transformational generative approach towards understanding al-istifham
A transformational generative approach towards understanding al-istifhamA transformational generative approach towards understanding al-istifham
A transformational generative approach towards understanding al-istifham
 
A time series analysis of the determinants of savings in namibia
A time series analysis of the determinants of savings in namibiaA time series analysis of the determinants of savings in namibia
A time series analysis of the determinants of savings in namibia
 
A therapy for physical and mental fitness of school children
A therapy for physical and mental fitness of school childrenA therapy for physical and mental fitness of school children
A therapy for physical and mental fitness of school children
 
A theory of efficiency for managing the marketing executives in nigerian banks
A theory of efficiency for managing the marketing executives in nigerian banksA theory of efficiency for managing the marketing executives in nigerian banks
A theory of efficiency for managing the marketing executives in nigerian banks
 
A systematic evaluation of link budget for
A systematic evaluation of link budget forA systematic evaluation of link budget for
A systematic evaluation of link budget for
 
A synthetic review of contraceptive supplies in punjab
A synthetic review of contraceptive supplies in punjabA synthetic review of contraceptive supplies in punjab
A synthetic review of contraceptive supplies in punjab
 
A synthesis of taylor’s and fayol’s management approaches for managing market...
A synthesis of taylor’s and fayol’s management approaches for managing market...A synthesis of taylor’s and fayol’s management approaches for managing market...
A synthesis of taylor’s and fayol’s management approaches for managing market...
 
A survey paper on sequence pattern mining with incremental
A survey paper on sequence pattern mining with incrementalA survey paper on sequence pattern mining with incremental
A survey paper on sequence pattern mining with incremental
 
A survey on live virtual machine migrations and its techniques
A survey on live virtual machine migrations and its techniquesA survey on live virtual machine migrations and its techniques
A survey on live virtual machine migrations and its techniques
 
A survey on data mining and analysis in hadoop and mongo db
A survey on data mining and analysis in hadoop and mongo dbA survey on data mining and analysis in hadoop and mongo db
A survey on data mining and analysis in hadoop and mongo db
 
A survey on challenges to the media cloud
A survey on challenges to the media cloudA survey on challenges to the media cloud
A survey on challenges to the media cloud
 
A survey of provenance leveraged
A survey of provenance leveragedA survey of provenance leveraged
A survey of provenance leveraged
 
A survey of private equity investments in kenya
A survey of private equity investments in kenyaA survey of private equity investments in kenya
A survey of private equity investments in kenya
 
A study to measures the financial health of
A study to measures the financial health ofA study to measures the financial health of
A study to measures the financial health of
 

Kürzlich hochgeladen

Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????blackmambaettijean
 

Kürzlich hochgeladen (20)

Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
What is Artificial Intelligence?????????
What is Artificial Intelligence?????????What is Artificial Intelligence?????????
What is Artificial Intelligence?????????
 

11.cyber forensics in cloud computing

  • 1. Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 Cyber Forensics in Cloud Computing Arijit Paul1* Mayuri Kiran Anvekar1** Rishil Jacob1*** K. Chandra Sekaran1 1. Department of Computer Science and Engineering, NITK, Surathkal, India * Email: arijitpaul90@gmail.com ** Email: mayuri.anvekar@gmail.com *** Email: rjpunk@gmail.com Abstract Cloud computing is a broad and diverse phenomenon; much of the growth represents a transfer of traditional IT services to a new cloud model. Cloud computing is anticipated to be one of the most transformative technologies in the history of computing. Cloud organizations, including the providers and customers of cloud services, have yet to establish a well-defined forensic capability. Without this they are unable to ensure the robustness and suitability of their services to support investigations of criminal activity. In this paper, we take the first steps towards defining the new area of cloud forensics, and analyze its challenges and opportunities. Keywords: Cloud Computing, Software as a Service, Platform as a Service, Infrastructure as a Service, Signature-based Analysis, Behavior-based Analysis, Cloud Forensics. 1. Introduction to Cloud Computing Conceptual Model Cloud computing model supports convenient, on-demand software access via network access to a shared group of configurable computing devices (e.g., servers, networks, applications, services and storage) that can be released and fast provisioned with less management work and service provider interaction. There is no standard or single architectural method in cloud computing. This stands as the biggest challenge in this aspect. Therefore, it's best to view cloud architectures as a set of approaches, each with its own examples and capabilities. A cloud computing system is a set of IT resources designed to be allocated ad-hoc to run applications, rather than be assigned a static set of applications as is the case in client/server computing. In a cloud computing environment, a user (via a virtual desktop, for example) requests information from an application. The cloud computing environment must then broker resources to run that application. 1.1 Virtualization Virtualization is the key element in implementing cloud computing. Cloud Computing is defined as a pool of virtualized computer resources. Based on this Virtualization the Cloud Computing paradigm allows workloads to be deployed and scaled-out quickly through the rapid provisioning of virtual machines or physical machines. A Cloud Computing platform supports redundant, self-recovering, highly scalable programming models that allow workloads to recover from many inevitable hardware/software failures. A Cloud Computing platform is more than a collection of computer resources because it provides a mechanism to manage those resources. In a Cloud Computing platform software is migrating from the desktop into the "clouds" of the Internet, promising users anytime, anywhere access to their programs and data. The concept of cloud computing and how virtualization enables it offers many innovative opportunities to make the cloud environment more dynamic and versatile. VMware solutions are engineered and integrated to equip the cloud with a unique combination of benefits. Virtualization is the essential catalyst for cloud computing. We can see that by the following process: Firstly the user requests an application resource in a symbolic form (via URL). Secondly the 29
  • 2. Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 cloud computing environment fields the request and assigns resources to the task. Thirdly resources are loaded with the required software. Finally the address of the resources is returned to the user and the application interaction proceeds. As this sequence shows, the most critical requirement for cloud computing is that users have a virtual view of their applications and should never refer to an application resource with a static address. Doing so would prevent the cloud from allocating resources flexibly. Since all cloud computing models must support a virtualized "front-end" interface to users, the management style of their virtual resources may be very different from one implementation to another. 1.2 Server-Virtualization The cloud computing system is divided into two sections as shown in Figure 1: the front end and the back end. They connect to each other through a network, usually the Internet. The front end is the client side (or the user end). The back end is the "cloud" section of the system. The front end includes the user’s computer and the application required to access the cloud computing system. All cloud computing systems do not have the same user interface. Services like Web-based e- mail programs leverage existing Web browsers like Internet Explorer or Firefox. Other systems have their own unique applications that provide network access to clients. On the back end of the system are the various servers and data storage systems that create the "cloud" of computing services. Normally, every application will have its own dedicated server to execute or run its applications. A central server administers the system, monitoring traffic and client demands to ensure everything runs efficiently and smoothly. It follows a set of rules called protocols and uses a special kind of software called middleware. Middleware allows the computer systems connected in the network to communicate with each other and exchange data. Usually, the servers do not run at full capacity which means that there is unused processing power going to waste. It is possible to overcome this problem by making a physical server act as if it is actually multiple servers, each running with its own independent operating system. The technique is called server virtualization. By maximizing the output of individual servers, server virtualization reduces the need for more physical machines. This helps in handling large amounts of loads which facilitates in scaling up and down of resources provided by the cloud. If a cloud computing company has a lot of clients, there's likely to be a high demand for a lot of storage space. Some companies require hundreds of digital storage devices. Cloud computing systems need at least twice the number of storage devices it requires to keep all its clients' information stored. That's because these devices, like all computers, occasionally break down. A cloud computing system must make a copy of all its clients' information and store it on other devices. The copies enable the central server to access backup machines to retrieve data that otherwise would be unreachable. 2. Proposed Cloud Computing Service Architecture Cloud computing delivers software, platform, and infrastructure as services, which are made available as services in a pay-per-use model to consumers. These services in industry are respectively referred to as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). These three fundamental classifications are often referred to as the “SPI Model”. The diagram describes the cloud architecture based on the SaaS, PaaS and IaaS deployment models. Understanding the relationships and dependencies between Cloud Computing models is critical to understanding Cloud Computing security risks. IaaS is the foundation of all cloud services, with PaaS building upon IaaS, and SaaS in turn building upon PaaS as described in the Cloud Reference Model diagram. In this way, just as capabilities are inherited, so are information security issues and risk. IaaS includes the entire infrastructure resource stack from the facilities to the hardware platforms that reside in them. It incorporates the capability to abstract resources, as well as deliver physical and logical 30
  • 3. Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 connectivity to those resources. Ultimately, IaaS provides a set of APIs which allow management and other forms of interaction with the infrastructure by consumers. PaaS sits atop IaaS and adds an additional layer of integration with application development frameworks, middleware capabilities, and functions such as database, messaging, and queuing, which allow developers to build applications upon to the platform; and whose programming languages and tools are supported by the stack. SaaS in turn is built upon the underlying IaaS and PaaS stacks and provides a self-contained operating environment used to deliver the entire user experience including the content, its presentation, the applications, and management capabilities. PaaS is similar to IaaS, except that the service includes a specific set of programming languages and tools (the platform). Generally aimed at the developer community, PaaS is analogous to an on-premises application server, only with elasticity and other cloud-computing features. Since platform software is fixed with the service, PaaS places restrictions on the applications that can be built. SaaS is essentially the delivery of conventional IT applications to end users over the Internet. SaaS is analogous to a client/server model, except that the server is replaced by the SaaS provider’s data center, the clients are web browsers on desktops, and the service offers cloud computing benefits such as elasticity and pay-as-you-consume metering. SaaS gained a foothold with universal applications such as email and Customer Relationship Management (CRM) applications like Salesforce.com. 3. Comparison of the Three Service Layers of Cloud Architecture The three cloud computing service models can be viewed as a stack as depicted in Figure 3, with each layer increasing in specificity, while decreasing control of the underlying resources. The three layers sit above a virtualization layer, which itself sits above the physical servers, storages, and network hardware. It should therefore be clear that there are significant trade-offs to each model in terms of integrated features, complexity and security. Trade-offs between the three cloud-deployment models includes: • SaaS provides the most integrated functionality built directly into the offering, with the least consumer extensibility, and a relatively high level of integrated security. • PaaS is intended to enable developers to build their own applications on top of the platform. As a result it tends to be more extensible than SaaS, at the expense of customer ready features. This tradeoff extends to security features and capabilities, where the built-in capabilities are less complete, but there is more flexibility to layer on additional security. • IaaS provides few if any application-like features, but enormous extensibility. This generally means less integrated security capabilities and functionality beyond protecting the infrastructure itself. This model requires that operating systems, applications, and content be managed and secured by the cloud consumer. The key point for security architecture is that the lower down the stack the cloud service provider stops, the more security capabilities and management consumers are responsible for implementing and managing themselves. In the case of SaaS, this means that service levels, security, compliance, and expectations of the service and provider are predetermined, managed, and enforced. In the case of PaaS or IaaS it is the responsibility of the consumer’s system administrators to effectively manage the same, with some compensation by the provider for securing the underlying platform and infrastructure components to ensure basic service availability and security. 4. Proposed Cloud Forensics Steps The growth in networking connectivity, complexity and activity has been accompanied by an increase in the number of crimes committed within networks, forcing both enterprises and law enforcement to undertake highly specialized investigations. Forensic analysis, the methodical investigation of a crime scene, presents special difficulties in the virtual world. What is problematic for an investigator to do 31
  • 4. Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 within a computer, making sense out of fragile digital data arranged in obscure and complex ways, can be very difficult within the significantly larger digital context of the network. Network forensics is the capture, recording, and analysis of network events in order to discover the source of security attacks or other problem incidents. It helps in identifying unauthorized access to computer system, and searches for evidence in case of such an occurrence. Network forensics is the ability to investigate, at a network level, things taking place or that have taken place across an IT system. The ultimate goal of network forensics is to provide sufficient evidence to allow the criminal perpetrator to be successfully prosecuted. The practical application of Network Forensics could be in areas such as hacking, fraud, insurance companies, data theft—industrial espionage, defamation, narcotics trafficking, credit card cloning, software piracy, electoral law, obscene publication, and discrimination. One of the challenges in forensics is establishing of snapshots of the system in operation. But in this case one can question if this is good enough for such a "vast" and possibly globally distributed ecosystem. Let’s take the instance of malware injected into the kernel space of a system- it is possible that it may be programmed to modify data or functionality or both. We propose that since data may be present or available in a given configuration for a limited time or be staged through different levels of storage hierarchies, we can place bounds on events in question so as to be able to capture events of interest completely and hence it will be easier to keep track of events in the cloud. The steps to be followed in forensic investigation are depicted in the proposed design described in Figure – 4. 4.1 Collection and Storage of Data Initially, to protect the data in the database, we would collect the data and store it in encrypted form. The data collection step collects all sorts of data like login, IP address etc. It mainly finishes collecting and storing network data. All the activities done in the network via a system can be stored in the database for future investigation. Forensics analysis can be initiated on a time-basis, i.e. after some time period. During this time, whatever changes have been made in the system can be collected and saved in the database, which will be taken into consideration while performing the analysis. A time- stamp can also be maintained to keep only recent modifications in the database, while removing the old ones to save memory. A checklist of malicious activities needs to be maintained as well, which will help us identify the restricted activities. This information needs to be monitored over for constant update due to the rapid growth of crime in the world. To detect an intrusion, we need examine data describing the environment’s state. The event auditor can monitor the data that the analyzers are accessing. The first component monitors message exchange between nodes. Although audit information about the communication between nodes is being captured, no network data is taken into account—only node information. The second component monitors the middleware logging system. For each action occurring in a node, a log entry is created containing the action’s type (such as error, alert, or warning), the event that generated it, and the message. With this kind of data, it’s possible to identify an ongoing intrusion. 4.1.1 Signature-Based Method Also called as Knowledge-based intrusion detection, is the most often applied technique in the field because it results in a low false-alarm rate and high positive rates, although it can’t detect unknown attack patterns. It uses rules (also called signatures) and monitors a stream of events to find malicious characteristics. 4.1.2. Behavior-Based Method Numerous methods exist for behavior-based intrusion detection, such as data mining, artificial neural networks, and artificial immunological systems. We will use a feed-forward artificial neural network, because—in contrast to traditional methods—this type of network can quickly process information, 32
  • 5. Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 has self-learning capabilities, and can tolerate small behavior deviations. These features help overcome some limitations which are there with traditional attacks. Using this method, we need to recognize expected behavior (legitimate use) or a severe behavior deviation. Training plays a key role in the pattern recognition that feed-forward networks perform. The network must be correctly trained to efficiently detect intrusions. For a given intrusion sample set, the network learns to identify the intrusions using its retro propagation algorithm. However, we focus on identifying user behavioral patterns and deviations from such patterns. With this strategy, we can cover a wider range of unknown attacks. Behavior Analysis dictates how to compare recent user actions to the usual behavior. System needs to recognize expected behavior or deviation from regular behavior. With this strategy, we can cover a wider range of unknown attacks. This is performed on learned behavior that can’t be modified without losing the previous learning. Generating rules is the key element in this technique—it helps the expert system recognize newly discovered attacks. Creating a rule consists of defining the set of conditions that represent the attack. 4.2 Forensics Analysis Using Network Tools The forensics analysis module includes working with various tools to gather information on the present status of the network. This information will be used to check for misbehavior later on. These tools allow us to know the current scenario like the activities carried out by a user at a particular IP address, or the sites accessed by him/her, or recovery of passwords using methods such as network packet sniffing, cracking various password hashes etc. This information collected is then either used directly for invasion detection or are saved in the database to be used for detection in future. 4.3 Invasion Detection Invasion Detection module is the core of system, where the stored information is send for signature based analysis. In this method, all the data which has been collected so far is evaluated against the restricted checklist currently available in the database. This will allow us to detect whether an intrusion has occurred in the system. This is done by using pattern matching techniques where the occurrence of a sequence of tokens from the available checklist is matched with the inputted string (collected data). If match is successful, then alarm is generated and the detected network data is saved and logged in the result database, so that not only the original data is saved in the database, but also the data of invasion analysis. 4.4 Logging the Result in the Database The result of the analysis is gathered together and depicted in a presentable and acceptable manner. Using the result obtained and conducting flow statistical analysis on data, invasion data restoration, and inquiry analysis, a detailed invasion report can be generated to be presented to the higher authorities. Some new virus, new invasion methods of hacker and tools which can’t be detected during invasion detecting and module analysis can be explored and worked upon to be saved in the checklist. References http://www.cloudcomputingmodel.com/ http://www.vmware.com/solutions/cloud-computing/index.html http://www.cloudcomputingarchitecture.net/ http://www.tatacommunications.com/downloads/whitepapers/Tata_Communications_IaaS_WhitePaper_v2. 0-web 33
  • 6. Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 “Oracle Platform as a Service (PaaS) FAQ”; platform-as-a-service-faq-v4-444924 Platform-as-a-Service Private Cloud with Oracle Fusion Middleware, An Oracle White Paper, October 2009 Keyun Ruan, Prof. Joe Carthy, Prof. Tahar Kechadi, Mark Crosbie, Cloud forensics: An overview, Centre for Cybercrime Ivestigation, University College Dublin. http://www.sei.cmu.edu/library/assets/presentations/Cloud%20Computing%20Architecture%20- %20Gerald%20Kaefer.pdf Computer and Network Forensics Evidence Investigation Tools, http://www.edecision4u.com/ Network Forensics, http://en.wikipedia.org/wiki/Network_forensics Resource Centre for Cyber Forensics India, http://www.cyberforensics.in/(A(cos8NMWQywEkAAAAODMwODM4YWMtNWFmZC00ZWNhLThk NDEtNTlhMWM3MGE5MzA5hkCziwldj9ts_CCtkjYQI68akds1))/Research/NetworkForensics.aspx Figure 1. Software Server - Virtualization Layer 34
  • 7. Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 Figure 2. Proposed Cloud Architecture Figure 3. The SPI Layers of Cloud Computing Service Model 35
  • 8. Computer Engineering and Intelligent Systems www.iiste.org ISSN 2222-1719 (Paper) ISSN 2222-2863 (Online) Vol 3, No.2, 2012 Figure 4. Proposed design and Implementation Steps 36
  • 9. International Journals Call for Paper The IISTE, a U.S. publisher, is currently hosting the academic journals listed below. The peer review process of the following journals usually takes LESS THAN 14 business days and IISTE usually publishes a qualified article within 30 days. Authors should send their full paper to the following email address. More information can be found in the IISTE website : www.iiste.org Business, Economics, Finance and Management PAPER SUBMISSION EMAIL European Journal of Business and Management EJBM@iiste.org Research Journal of Finance and Accounting RJFA@iiste.org Journal of Economics and Sustainable Development JESD@iiste.org Information and Knowledge Management IKM@iiste.org Developing Country Studies DCS@iiste.org Industrial Engineering Letters IEL@iiste.org Physical Sciences, Mathematics and Chemistry PAPER SUBMISSION EMAIL Journal of Natural Sciences Research JNSR@iiste.org Chemistry and Materials Research CMR@iiste.org Mathematical Theory and Modeling MTM@iiste.org Advances in Physics Theories and Applications APTA@iiste.org Chemical and Process Engineering Research CPER@iiste.org Engineering, Technology and Systems PAPER SUBMISSION EMAIL Computer Engineering and Intelligent Systems CEIS@iiste.org Innovative Systems Design and Engineering ISDE@iiste.org Journal of Energy Technologies and Policy JETP@iiste.org Information and Knowledge Management IKM@iiste.org Control Theory and Informatics CTI@iiste.org Journal of Information Engineering and Applications JIEA@iiste.org Industrial Engineering Letters IEL@iiste.org Network and Complex Systems NCS@iiste.org Environment, Civil, Materials Sciences PAPER SUBMISSION EMAIL Journal of Environment and Earth Science JEES@iiste.org Civil and Environmental Research CER@iiste.org Journal of Natural Sciences Research JNSR@iiste.org Civil and Environmental Research CER@iiste.org Life Science, Food and Medical Sciences PAPER SUBMISSION EMAIL Journal of Natural Sciences Research JNSR@iiste.org Journal of Biology, Agriculture and Healthcare JBAH@iiste.org Food Science and Quality Management FSQM@iiste.org Chemistry and Materials Research CMR@iiste.org Education, and other Social Sciences PAPER SUBMISSION EMAIL Journal of Education and Practice JEP@iiste.org Journal of Law, Policy and Globalization JLPG@iiste.org Global knowledge sharing: New Media and Mass Communication NMMC@iiste.org EBSCO, Index Copernicus, Ulrich's Journal of Energy Technologies and Policy JETP@iiste.org Periodicals Directory, JournalTOCS, PKP Historical Research Letter HRL@iiste.org Open Archives Harvester, Bielefeld Academic Search Engine, Elektronische Public Policy and Administration Research PPAR@iiste.org Zeitschriftenbibliothek EZB, Open J-Gate, International Affairs and Global Strategy IAGS@iiste.org OCLC WorldCat, Universe Digtial Library , Research on Humanities and Social Sciences RHSS@iiste.org NewJour, Google Scholar. Developing Country Studies DCS@iiste.org IISTE is member of CrossRef. All journals Arts and Design Studies ADS@iiste.org have high IC Impact Factor Values (ICV).