Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
SpringerLink
Log in

Cloud-Based Framework for Performing Digital Forensic Investigations

  • Published:
International Journal of Wireless Information Networks Aims and scope Submit manuscript

Abstract

Cloud computing has created paradigm transitions from traditional computing. Acquisition rates increase with benefits such as lower costs and better utilization of resources. However, these benefits are accompanied by some of the challenges of computer forensics practice. The complexity of the Cloud computing, its key features, and its implementation all present several challenges for computer forensic researchers. In this paper, two surveys have been conducted to collect Cloud computing/forensic recommendations. The impact assessment (survey 1) has been conducted to determine the nature and extent of the impact of Cloud computing on computer forensics. A total of 104 Cloud Computing-based or computer forensics-based responses have been collected. Based on the impact assessment results, a Cloud-based framework has been proposed to assist in the fight against global digital crime, especially those committed within the cloud environment, bringing it with the challenges of law enforcement and digital forensic professionals. The proposed framework contains a set of guidelines and a cloud-based forensics model. In addition, the proposed framework will assist in the investigation. It is thought that criminals use the complexity of the cloud to hide strong and obvious evidence away from investigators and thus avoid prosecution and sentencing. In addition, this study identifies limitations and research gaps in existing solutions. The framework has been then validated with an online survey (survey 2) focused on 20 cloud computing or computer forensics experts. The result of study 1 confirms the impact of cloud computing on computer forensics. Further, it indicates that environmental factors and structures such as distributed storage, high recruitment, and virtualization have posed various challenges to the digital forensics process. In addition, the result concludes that the proposed framework addresses many of the issues and challenges discussed at a particular level of efficiency and effectiveness.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. M. Damshenas, A. Dehghantanha, R. Mahmoud, and S. Bin Shamsuddin, Forensics investigation challenges in cloud computing environments, 2012. https://doi.org/10.1109/CyberSec.2012.6246092.

  2. K. Sharma, P. K., Kaushik, P. S., Agarwal, P., Jain, P., Agarwal, S., and Dixit, Issues and challenges of data security in a cloud computing environment, in Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON), 2017, pp. 560–566.

  3. U. Anwar, H. A. Umair, A. Sikander, and Z. U. Abedin, Government cloud adoption and architecture, 2019. https://doi.org/10.1109/ICOMET.2019.8673457.

  4. J. Baldwin, O. M. K. Alhawi, S. Shaughnessy, A. Akinbi, and A. Dehghantanha, Emerging from the cloud: a bibliometric analysis of cloud forensics studies, Advances in Information Security, 2018.

  5. L. Chen, N.-A. Le-Khac, S. Schlepphorst, and L. Xu, Cloud Forensics, Security, Privacy, and Digital Forensics in the Cloud, pp. 201–216, 2019.

  6. S. Biggs and S. Vidalis, Cloud computing: the impact on digital forensic investigations,Conference: Internet Technology and Secured Transactions, 2009. ICITST. 2009. https://doi.org/10.1109/ICITST.2009.5402561

  7. Zafarullah, F. Anwar, and Z. Anwar, Digital forensics for Eucalyptus, in Proceedings - 2011 9th International Conference on Frontiers of Information Technology, FIT 2011, pp. 110–116, 2011. https://doi.org/10.1109/FIT.2011.28.

  8. S. B. S. Farid Daryabar, A. Dehghantanha, N. I. Udzir and N. Fazlida Binti Mohd Sani, A survey about impacts of cloud computing on digital forensics, International Journal of Cyber-Security and Digital Forensics, Vol. 2, No. 2, pp. 77–94, 2013.

    Google Scholar 

  9. D. Reilly, C. Wren, and T. Berry, Cloud computing: Forensic challenges for law enforcement, Internet Technol. Secur. Trans. (ICITST), 2010 Int. Conf., 2010.

  10. B. Martini and K. K. R. Choo, An integrated conceptual digital forensic framework for cloud computing, Digital Investigation, Vol. 9, No. 2, pp. 71–80, 2012. https://doi.org/10.1016/j.diin.2012.07.001.

    Article  Google Scholar 

  11. J. Plunkett, N.-A. Le-Khac, and T. Kechadi, Digital Forensic Investigations in the Cloud: A Proposed Approach for Irish Law Enforcement, 11th Annual IFIP WG 11.9 International Conference on Digital Forensics (IFIP119 2015), Orlando, Florida, United States,, 2015.

  12. W. Yassin, M. Faizal Abdollah, R. Ahmad, Z. Yunos and A. Ariffin, Cloud forensic challenges and recommendations: a review, Journal Cyber Security, Vol. 2, No. 1, pp. 19–29, 2020.

    Google Scholar 

  13. B. Manral, G. Somani, K. K. R. Choo, M. Conti and M. S. Gaur, A systematic survey on cloud forensics challenges, solutions, and future directions, ACM Computing Survey, 2019. https://doi.org/10.1145/3361216.

    Article  Google Scholar 

  14. A. Pichan, M. Lazarescu and S. T. Soh, Cloud forensics: technical challenges, solutions and comparative analysis, Digital Investigation, 2015. https://doi.org/10.1016/j.diin.2015.03.002.

    Article  Google Scholar 

  15. B. Martini and K. K. R. Choo, Cloud forensic technical challenges and solutions: a snapshot, IEEE Cloud Computing, 2014. https://doi.org/10.1109/MCC.2014.69.

    Article  Google Scholar 

  16. P. Dixit, R. Kohli, A. Acevedo-Duque, R. R. Gonzalez-Diaz and R. H. Jhaveri, Comparing and analyzing applications of intelligent techniques in cyberattack detection, Security and Communication Networks, 2021. https://doi.org/10.1155/2021/5561816.

    Article  Google Scholar 

  17. V. Subramaniyaswamy, et al., Somewhat homomorphic encryption: ring learning with error algorithm for faster encryption of IoT sensor signal-based edge devices, Security and Communiction Networks, 2022. https://doi.org/10.1155/2022/2793998.

    Article  Google Scholar 

  18. V. Prakash, A. Williams, L. Garg, C. Savaglio and S. Bawa, Cloud and edge computing-based computer forensics: challenges and open problems, Electronics, Vol. 10, No. 11, pp. 1229, 2021. https://doi.org/10.3390/electronics10111229.

    Article  Google Scholar 

  19. J. Han, J. Kim, and S. Lee, 5W1H-based expression for the effective sharing of information in digital forensic investigations, arXiv Prepr. arXiv2010.15711, 2020.

  20. R. Mckemmish, What is forensic computing ?, Change, Vol. 118, No. 118, pp. 1–6, 1999.

    Google Scholar 

  21. L. Le‐Khac, N. A., Plunkett, J., Kechadi, M. T., and Chen, Digital forensic process and model in the cloud, Security, Privacy, and Digital Forensics in the Cloud, p. 239, 2019.

  22. M. Khanafseh, M. Qatawneh and W. Almobaideen, A survey of various frameworks and solutions in all branches of digital forensics with a focus on cloud forensics, International Journal of Advanced Computer Science and Applications, Vol. 10, No. 8, pp. 610–629, 2019. https://doi.org/10.14569/ijacsa.2019.0100880.

    Article  Google Scholar 

  23. A. Razaque, M. Aloqaily, M. Almiani, Y. Jararweh and G. Srivastava, Efficient and reliable forensics using intelligent edge computing, Future Generation Computer System, Vol. 118, pp. 230–239, 2021. https://doi.org/10.1016/j.future.2021.01.012.

    Article  Google Scholar 

  24. S. Alqahtany, N. Clarke, S. Furnell, and C. Reich, Cloud forensics: a review of challenges, solutions and open problems, 2015. https://doi.org/10.1109/CLOUDCOMP.2015.7149635.

  25. N. H. Ab Rahman, W. B. Glisson, Y. Yang and K. K. R. Choo, Forensic-by-design framework for cyber-physical cloud systems, IEEE Cloud Computing, Vol. 3, No. 1, pp. 50–59, 2016. https://doi.org/10.1109/MCC.2016.5.

    Article  Google Scholar 

  26. M. E. Alex and R. Kishore, Forensics framework for cloud computing, Computers and Electrical Engineering, Vol. 60, pp. 193–205, 2017. https://doi.org/10.1016/j.compeleceng.2017.02.006.

    Article  Google Scholar 

  27. G. N. Samy, B. Shanmugam, N. Maarop, P. Magalingam, S. Perumal, and S. H. Albakri, Digital forensic challenges in the cloud computing environment, Lecture Notes on Data Engineering and Communications Technologies, vol. 5, pp. 669–676, 2018.

  28. S. Urias, V., Young, J., and Hatcher, Implications of cloud computing on digital forensics, Journal Computing vol. 1, no. 1, 2018.

  29. M. E. Alex and R. Kishore, Forensic model for cloud computing: an overview, 2016. https://doi.org/10.1109/WiSPNET.2016.7566345.

  30. V. R. Kebande and H. S. Venter, Novel digital forensic readiness technique in the cloud environment, Australian Journal of Forensic Sciences, 2018. https://doi.org/10.1080/00450618.2016.1267797.

    Article  Google Scholar 

  31. F. Srinivasan, A., and Ferrese, Forensics‐as‐a‐Service (FaaS) in the State‐of‐the‐Art Cloud, Security, Privacy, and Digital Forensics in the Cloud, p. 321, 2019.

  32. J. Dykstra and A. T. Sherman, forensic evidence from infrastructure-as-a-service cloud computing: Exploring and evaluating tools, trust, and techniques, 2012, https://doi.org/10.1016/j.diin.2012.05.001.

  33. V. Roussev, I. Ahmed, A. Barreto, S. McCulley and V. Shanmughan, Cloud forensics–Tool development studies & future outlook, Digit. Investig., 2016. https://doi.org/10.1016/j.diin.2016.05.001.

    Article  Google Scholar 

  34. E. Morioka and M. S. Sharbaf, forensics research on cloud computing: an investigation of cloud forensics solutions. 2016. https://doi.org/10.1109/THS.2016.7568909.

  35. S. Rahman and M. N. A. Khan, Review of live forensic analysis techniques, International Journal of Hybrid Information Technology, 2015. https://doi.org/10.14257/ijhit.2015.8.2.35.

    Article  Google Scholar 

  36. R. A. Awad, S. Beztchi, J. M. Smith, B. Lyles, and S. Prowell, Tools, techniques, and methodologies: a survey of digital forensics for SCADA Systems, in: 4th Annual Industrial Control System Security Workshop, pp. 1–8, 2018.

  37. G. Horsman, Tool testing and reliability issues in the field of digital forensics, Digitial Investigation, 2019. https://doi.org/10.1016/j.diin.2019.01.009.

    Article  Google Scholar 

  38. H. Arshad, A. Bin Jantan and O. I. Abiodun, Digital forensics: review of issues in scientific validation of digital evidence, Journal of Information Processing Systems, 2018. https://doi.org/10.3745/JIPS.03.0095.

    Article  Google Scholar 

  39. L. Caviglione, S. Wendzel and W. Mazurczyk, The future of digital forensics: challenges and the road ahead, IEEE Security and Private, Vol. 15, No. 6, pp. 12–17, 2017. https://doi.org/10.1109/MSP.2017.4251117.

    Article  Google Scholar 

  40. C. Esposito, A. Castiglione, F. Pop and K. K. R. Choo, Challenges of connecting edge and cloud computing: a security and forensic perspective, IEEE Cloud Computing, Vol. 4, No. 2, pp. 13–17, 2017. https://doi.org/10.1109/MCC.2017.30.

    Article  Google Scholar 

  41. J. I. James and Y. Jang, Practical and legal challenges of cloud investigations, The Journal of the Institute of Webcasting, Internet and Telecommunication., Vol. 14, No. 6, pp. 33–39, 2014. https://doi.org/10.7236/jiibc.2014.14.6.33.

    Article  Google Scholar 

  42. N. M. Karie and H. S. Venter, Taxonomy of challenges for digital forensics, J. Forensic Sci., Vol. 60, No. 4, pp. 885–893, 2015. https://doi.org/10.1111/1556-4029.12809.

    Article  Google Scholar 

  43. E. A. Vincze, Challenges in digital forensics, Police Pract. Res., Vol. 17, No. 2, pp. 183–194, 2016. https://doi.org/10.1080/15614263.2015.1128163.

    Article  Google Scholar 

  44. J. Stanly Jayaprakash, K. Balasubramanian, R. Sulaiman, M. K. Hasan, B. D. Parameshachari and C. Iwendi, Cloud data encryption and authentication based on enhanced merkle hash tree method, Computers, Materials and Continua., Vol. 72, No. 1, pp. 519–534, 2022.

    Article  Google Scholar 

  45. A. Badshah, A. Jalal, U. Farooq, G.-U. Rehman, S. S. Band and C. Iwendi, Service level agreement monitoring as a service: an independent monitoring service for service level agreements in clouds, Big Data, 2022. https://doi.org/10.1089/big.2021.0274.

    Article  Google Scholar 

  46. M. Shabbir, et al., Enhancing security of health information using modular encryption standard in mobile cloud computing, IEEE Access, Vol. 9, pp. 8820–8834, 2021. https://doi.org/10.1109/ACCESS.2021.3049564.

    Article  Google Scholar 

  47. R. H. Jhaveri, S. V. Ramani, G. Srivastava, T. R. Gadekallu and V. Aggarwal, Fault-resilience for bandwidth management in industrial software-defined networks, IEEE Transactions on Network Science and Engineering, Vol. 8, No. 4, pp. 3129–3139, 2021. https://doi.org/10.1109/tnse.2021.3104499.

    Article  Google Scholar 

  48. NIST, Guide to integrating forensic techniques into incident response (NIST Special Publication 800–86), 2006. https://doi.org/10.6028/NIST.SP.800-86.

  49. R. Jones, Digital evidence and computer crime: forensic science, computers and the internet, International Journal of Law and Information Technology, 2004. https://doi.org/10.1093/ijlit/11.1.98-a.

    Article  Google Scholar 

  50. J. Kizza and F. Migga Kizza, Digital Evidence and Computer Crime. Academic press., 2011.

  51. V. Baryamureeba and T. Florence, The enhanced digital investigation process model, Asian Journal of Information Science and Technology, 2006. https://doi.org/10.1042/BJ20030193.

    Article  Google Scholar 

  52. S. L. Garfinkel, Digital forensics research: the next 10 years, Digital Investigation, 2010. https://doi.org/10.1016/j.diin.2010.05.009.

    Article  Google Scholar 

  53. S. Raghavan, Digital forensic research: current state of the art, CSI Trans. ICT, Vol. 1, No. 1, pp. 91–114, 2013. https://doi.org/10.1007/s40012-012-0008-7.

    Article  Google Scholar 

  54. B. K. S. P. K. R. Alluri and G. Geethakumari, A digital forensic model for introspection of virtual machines in cloud computing, 2015. https://doi.org/10.1109/SPICES.2015.7091553.

  55. R. Panigrahi, et al., Performance assessment of supervised classifiers for designing intrusion detection systems: a comprehensive review and recommendations for future research, Mathematics, 2021. https://doi.org/10.3390/math9060690.

    Article  Google Scholar 

  56. J. Paramguru, et al., Addressing economic dispatch problem with multiple fuels using oscillatory particle swarm Optimization, Computers, Materials and Continua, Vol. 69, No. 3, pp. 2863–2882, 2021. https://doi.org/10.32604/cmc.2021.016002.

    Article  Google Scholar 

  57. C. Dawson, Projects in Computing and Information Systems A Student ’ s Guide. 2005.

  58. M. Saunders, P. Lewis, and A. Thornhill, Research Methods for Business Students Fifth edition, in Research Methods for Business Students Fifth edition, 2009.

  59. H. Rameshbhai Patel and J. M. Joseph, Questionnaire designing process: a review, Journal Clinical Trials, 2016. https://doi.org/10.4172/2167-0870.1000255.

    Article  Google Scholar 

  60. N. Lallmahomed, Elementary Statistics using JMP, J. R. Stat. Soc. Ser. A (Statistics Soc.), 2008. https://doi.org/10.1111/j.1467-985x.2008.00538_10.x

  61. Sample Size Calculator.”

  62. E. C. Hedberg and E. C. Hedberg, Statistical Distributions. John Wiley & Sons, 2018.

  63. P. Lehman, 101 design methods: A structured approach for driving innovation in your organization [Book Review], no. Apr 2013. John Wiley & Sons, 2013.

  64. A. A. Adams and R. McCrindle, Pandora’s Box: Social and Professional Issues of the Information Age, vol. 1. John Wiley & Sons., 2008.

  65. T. Sang, A log-based approach to make digital forensics easier on cloud computing, 2013, https://doi.org/10.1109/ISDEA.2012.29.

  66. D. Reilly, C. Wren and T. Berry, Cloud computing: pros and cons for computer forensic investigations, International Journal of Multimedia and Image Processing, 2011. https://doi.org/10.20533/ijmip.2042.4647.2011.0004.

    Article  Google Scholar 

  67. J. Networks, Securing Multi-Tenancy and Cloud Computing, 2012.

  68. Passware Encryption Analyzer 2016 V.1, 2016. .

  69. G. Albaum, The Likert scale revisited: An alternate version,Journal of the Market Research Society, 1997.

  70. Approaches to the Analysis of Survey Data, 2001.

  71. L. Del Greco, W. Walop and R. H. McCarthy, Questionnaire development: 2. Validity and reliability, CMJ, Vol. 136, No. 7, pp. 699, 1987.

    Google Scholar 

  72. Dr. R. Venkitachalam, Presentation: Validity and reliability of questionnaires, 2015.

Download references

Author information

Authors and Affiliations

  1. Thapar Institute of Engineering and Technology, Patiala, Punjab, India

    Vijay Prakash

  2. University of Liverpool, Liverpool, UK

    Alex Williams

  3. University of Malta, Msida, Malta

    Lalit Garg

  4. Department of ICT, Pandit Deendayal Energy University, Gandhinagar, India

    Pradip Barik

  5. School of Computing Science and Engineering, Galgotias University, Greater Noida, Uttar Pradesh, India

    Rajesh Kumar Dhanaraj

Authors
  1. Vijay Prakash
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alex Williams
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Lalit Garg
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Pradip Barik
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Rajesh Kumar Dhanaraj
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Vijay Prakash.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Supplementary Information

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Prakash, V., Williams, A., Garg, L. et al. Cloud-Based Framework for Performing Digital Forensic Investigations. Int J Wireless Inf Networks 29, 419–441 (2022). https://doi.org/10.1007/s10776-022-00560-z

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10776-022-00560-z

Keywords

Search

Navigation