Abstract
Cloud computing has created paradigm transitions from traditional computing. Acquisition rates increase with benefits such as lower costs and better utilization of resources. However, these benefits are accompanied by some of the challenges of computer forensics practice. The complexity of the Cloud computing, its key features, and its implementation all present several challenges for computer forensic researchers. In this paper, two surveys have been conducted to collect Cloud computing/forensic recommendations. The impact assessment (survey 1) has been conducted to determine the nature and extent of the impact of Cloud computing on computer forensics. A total of 104 Cloud Computing-based or computer forensics-based responses have been collected. Based on the impact assessment results, a Cloud-based framework has been proposed to assist in the fight against global digital crime, especially those committed within the cloud environment, bringing it with the challenges of law enforcement and digital forensic professionals. The proposed framework contains a set of guidelines and a cloud-based forensics model. In addition, the proposed framework will assist in the investigation. It is thought that criminals use the complexity of the cloud to hide strong and obvious evidence away from investigators and thus avoid prosecution and sentencing. In addition, this study identifies limitations and research gaps in existing solutions. The framework has been then validated with an online survey (survey 2) focused on 20 cloud computing or computer forensics experts. The result of study 1 confirms the impact of cloud computing on computer forensics. Further, it indicates that environmental factors and structures such as distributed storage, high recruitment, and virtualization have posed various challenges to the digital forensics process. In addition, the result concludes that the proposed framework addresses many of the issues and challenges discussed at a particular level of efficiency and effectiveness.
Similar content being viewed by others
References
M. Damshenas, A. Dehghantanha, R. Mahmoud, and S. Bin Shamsuddin, Forensics investigation challenges in cloud computing environments, 2012. https://doi.org/10.1109/CyberSec.2012.6246092.
K. Sharma, P. K., Kaushik, P. S., Agarwal, P., Jain, P., Agarwal, S., and Dixit, Issues and challenges of data security in a cloud computing environment, in Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON), 2017, pp. 560–566.
U. Anwar, H. A. Umair, A. Sikander, and Z. U. Abedin, Government cloud adoption and architecture, 2019. https://doi.org/10.1109/ICOMET.2019.8673457.
J. Baldwin, O. M. K. Alhawi, S. Shaughnessy, A. Akinbi, and A. Dehghantanha, Emerging from the cloud: a bibliometric analysis of cloud forensics studies, Advances in Information Security, 2018.
L. Chen, N.-A. Le-Khac, S. Schlepphorst, and L. Xu, Cloud Forensics, Security, Privacy, and Digital Forensics in the Cloud, pp. 201–216, 2019.
S. Biggs and S. Vidalis, Cloud computing: the impact on digital forensic investigations,Conference: Internet Technology and Secured Transactions, 2009. ICITST. 2009. https://doi.org/10.1109/ICITST.2009.5402561
Zafarullah, F. Anwar, and Z. Anwar, Digital forensics for Eucalyptus, in Proceedings - 2011 9th International Conference on Frontiers of Information Technology, FIT 2011, pp. 110–116, 2011. https://doi.org/10.1109/FIT.2011.28.
S. B. S. Farid Daryabar, A. Dehghantanha, N. I. Udzir and N. Fazlida Binti Mohd Sani, A survey about impacts of cloud computing on digital forensics, International Journal of Cyber-Security and Digital Forensics, Vol. 2, No. 2, pp. 77–94, 2013.
D. Reilly, C. Wren, and T. Berry, Cloud computing: Forensic challenges for law enforcement, Internet Technol. Secur. Trans. (ICITST), 2010 Int. Conf., 2010.
B. Martini and K. K. R. Choo, An integrated conceptual digital forensic framework for cloud computing, Digital Investigation, Vol. 9, No. 2, pp. 71–80, 2012. https://doi.org/10.1016/j.diin.2012.07.001.
J. Plunkett, N.-A. Le-Khac, and T. Kechadi, Digital Forensic Investigations in the Cloud: A Proposed Approach for Irish Law Enforcement, 11th Annual IFIP WG 11.9 International Conference on Digital Forensics (IFIP119 2015), Orlando, Florida, United States,, 2015.
W. Yassin, M. Faizal Abdollah, R. Ahmad, Z. Yunos and A. Ariffin, Cloud forensic challenges and recommendations: a review, Journal Cyber Security, Vol. 2, No. 1, pp. 19–29, 2020.
B. Manral, G. Somani, K. K. R. Choo, M. Conti and M. S. Gaur, A systematic survey on cloud forensics challenges, solutions, and future directions, ACM Computing Survey, 2019. https://doi.org/10.1145/3361216.
A. Pichan, M. Lazarescu and S. T. Soh, Cloud forensics: technical challenges, solutions and comparative analysis, Digital Investigation, 2015. https://doi.org/10.1016/j.diin.2015.03.002.
B. Martini and K. K. R. Choo, Cloud forensic technical challenges and solutions: a snapshot, IEEE Cloud Computing, 2014. https://doi.org/10.1109/MCC.2014.69.
P. Dixit, R. Kohli, A. Acevedo-Duque, R. R. Gonzalez-Diaz and R. H. Jhaveri, Comparing and analyzing applications of intelligent techniques in cyberattack detection, Security and Communication Networks, 2021. https://doi.org/10.1155/2021/5561816.
V. Subramaniyaswamy, et al., Somewhat homomorphic encryption: ring learning with error algorithm for faster encryption of IoT sensor signal-based edge devices, Security and Communiction Networks, 2022. https://doi.org/10.1155/2022/2793998.
V. Prakash, A. Williams, L. Garg, C. Savaglio and S. Bawa, Cloud and edge computing-based computer forensics: challenges and open problems, Electronics, Vol. 10, No. 11, pp. 1229, 2021. https://doi.org/10.3390/electronics10111229.
J. Han, J. Kim, and S. Lee, 5W1H-based expression for the effective sharing of information in digital forensic investigations, arXiv Prepr. arXiv2010.15711, 2020.
R. Mckemmish, What is forensic computing ?, Change, Vol. 118, No. 118, pp. 1–6, 1999.
L. Le‐Khac, N. A., Plunkett, J., Kechadi, M. T., and Chen, Digital forensic process and model in the cloud, Security, Privacy, and Digital Forensics in the Cloud, p. 239, 2019.
M. Khanafseh, M. Qatawneh and W. Almobaideen, A survey of various frameworks and solutions in all branches of digital forensics with a focus on cloud forensics, International Journal of Advanced Computer Science and Applications, Vol. 10, No. 8, pp. 610–629, 2019. https://doi.org/10.14569/ijacsa.2019.0100880.
A. Razaque, M. Aloqaily, M. Almiani, Y. Jararweh and G. Srivastava, Efficient and reliable forensics using intelligent edge computing, Future Generation Computer System, Vol. 118, pp. 230–239, 2021. https://doi.org/10.1016/j.future.2021.01.012.
S. Alqahtany, N. Clarke, S. Furnell, and C. Reich, Cloud forensics: a review of challenges, solutions and open problems, 2015. https://doi.org/10.1109/CLOUDCOMP.2015.7149635.
N. H. Ab Rahman, W. B. Glisson, Y. Yang and K. K. R. Choo, Forensic-by-design framework for cyber-physical cloud systems, IEEE Cloud Computing, Vol. 3, No. 1, pp. 50–59, 2016. https://doi.org/10.1109/MCC.2016.5.
M. E. Alex and R. Kishore, Forensics framework for cloud computing, Computers and Electrical Engineering, Vol. 60, pp. 193–205, 2017. https://doi.org/10.1016/j.compeleceng.2017.02.006.
G. N. Samy, B. Shanmugam, N. Maarop, P. Magalingam, S. Perumal, and S. H. Albakri, Digital forensic challenges in the cloud computing environment, Lecture Notes on Data Engineering and Communications Technologies, vol. 5, pp. 669–676, 2018.
S. Urias, V., Young, J., and Hatcher, Implications of cloud computing on digital forensics, Journal Computing vol. 1, no. 1, 2018.
M. E. Alex and R. Kishore, Forensic model for cloud computing: an overview, 2016. https://doi.org/10.1109/WiSPNET.2016.7566345.
V. R. Kebande and H. S. Venter, Novel digital forensic readiness technique in the cloud environment, Australian Journal of Forensic Sciences, 2018. https://doi.org/10.1080/00450618.2016.1267797.
F. Srinivasan, A., and Ferrese, Forensics‐as‐a‐Service (FaaS) in the State‐of‐the‐Art Cloud, Security, Privacy, and Digital Forensics in the Cloud, p. 321, 2019.
J. Dykstra and A. T. Sherman, forensic evidence from infrastructure-as-a-service cloud computing: Exploring and evaluating tools, trust, and techniques, 2012, https://doi.org/10.1016/j.diin.2012.05.001.
V. Roussev, I. Ahmed, A. Barreto, S. McCulley and V. Shanmughan, Cloud forensics–Tool development studies & future outlook, Digit. Investig., 2016. https://doi.org/10.1016/j.diin.2016.05.001.
E. Morioka and M. S. Sharbaf, forensics research on cloud computing: an investigation of cloud forensics solutions. 2016. https://doi.org/10.1109/THS.2016.7568909.
S. Rahman and M. N. A. Khan, Review of live forensic analysis techniques, International Journal of Hybrid Information Technology, 2015. https://doi.org/10.14257/ijhit.2015.8.2.35.
R. A. Awad, S. Beztchi, J. M. Smith, B. Lyles, and S. Prowell, Tools, techniques, and methodologies: a survey of digital forensics for SCADA Systems, in: 4th Annual Industrial Control System Security Workshop, pp. 1–8, 2018.
G. Horsman, Tool testing and reliability issues in the field of digital forensics, Digitial Investigation, 2019. https://doi.org/10.1016/j.diin.2019.01.009.
H. Arshad, A. Bin Jantan and O. I. Abiodun, Digital forensics: review of issues in scientific validation of digital evidence, Journal of Information Processing Systems, 2018. https://doi.org/10.3745/JIPS.03.0095.
L. Caviglione, S. Wendzel and W. Mazurczyk, The future of digital forensics: challenges and the road ahead, IEEE Security and Private, Vol. 15, No. 6, pp. 12–17, 2017. https://doi.org/10.1109/MSP.2017.4251117.
C. Esposito, A. Castiglione, F. Pop and K. K. R. Choo, Challenges of connecting edge and cloud computing: a security and forensic perspective, IEEE Cloud Computing, Vol. 4, No. 2, pp. 13–17, 2017. https://doi.org/10.1109/MCC.2017.30.
J. I. James and Y. Jang, Practical and legal challenges of cloud investigations, The Journal of the Institute of Webcasting, Internet and Telecommunication., Vol. 14, No. 6, pp. 33–39, 2014. https://doi.org/10.7236/jiibc.2014.14.6.33.
N. M. Karie and H. S. Venter, Taxonomy of challenges for digital forensics, J. Forensic Sci., Vol. 60, No. 4, pp. 885–893, 2015. https://doi.org/10.1111/1556-4029.12809.
E. A. Vincze, Challenges in digital forensics, Police Pract. Res., Vol. 17, No. 2, pp. 183–194, 2016. https://doi.org/10.1080/15614263.2015.1128163.
J. Stanly Jayaprakash, K. Balasubramanian, R. Sulaiman, M. K. Hasan, B. D. Parameshachari and C. Iwendi, Cloud data encryption and authentication based on enhanced merkle hash tree method, Computers, Materials and Continua., Vol. 72, No. 1, pp. 519–534, 2022.
A. Badshah, A. Jalal, U. Farooq, G.-U. Rehman, S. S. Band and C. Iwendi, Service level agreement monitoring as a service: an independent monitoring service for service level agreements in clouds, Big Data, 2022. https://doi.org/10.1089/big.2021.0274.
M. Shabbir, et al., Enhancing security of health information using modular encryption standard in mobile cloud computing, IEEE Access, Vol. 9, pp. 8820–8834, 2021. https://doi.org/10.1109/ACCESS.2021.3049564.
R. H. Jhaveri, S. V. Ramani, G. Srivastava, T. R. Gadekallu and V. Aggarwal, Fault-resilience for bandwidth management in industrial software-defined networks, IEEE Transactions on Network Science and Engineering, Vol. 8, No. 4, pp. 3129–3139, 2021. https://doi.org/10.1109/tnse.2021.3104499.
NIST, Guide to integrating forensic techniques into incident response (NIST Special Publication 800–86), 2006. https://doi.org/10.6028/NIST.SP.800-86.
R. Jones, Digital evidence and computer crime: forensic science, computers and the internet, International Journal of Law and Information Technology, 2004. https://doi.org/10.1093/ijlit/11.1.98-a.
J. Kizza and F. Migga Kizza, Digital Evidence and Computer Crime. Academic press., 2011.
V. Baryamureeba and T. Florence, The enhanced digital investigation process model, Asian Journal of Information Science and Technology, 2006. https://doi.org/10.1042/BJ20030193.
S. L. Garfinkel, Digital forensics research: the next 10 years, Digital Investigation, 2010. https://doi.org/10.1016/j.diin.2010.05.009.
S. Raghavan, Digital forensic research: current state of the art, CSI Trans. ICT, Vol. 1, No. 1, pp. 91–114, 2013. https://doi.org/10.1007/s40012-012-0008-7.
B. K. S. P. K. R. Alluri and G. Geethakumari, A digital forensic model for introspection of virtual machines in cloud computing, 2015. https://doi.org/10.1109/SPICES.2015.7091553.
R. Panigrahi, et al., Performance assessment of supervised classifiers for designing intrusion detection systems: a comprehensive review and recommendations for future research, Mathematics, 2021. https://doi.org/10.3390/math9060690.
J. Paramguru, et al., Addressing economic dispatch problem with multiple fuels using oscillatory particle swarm Optimization, Computers, Materials and Continua, Vol. 69, No. 3, pp. 2863–2882, 2021. https://doi.org/10.32604/cmc.2021.016002.
C. Dawson, Projects in Computing and Information Systems A Student ’ s Guide. 2005.
M. Saunders, P. Lewis, and A. Thornhill, Research Methods for Business Students Fifth edition, in Research Methods for Business Students Fifth edition, 2009.
H. Rameshbhai Patel and J. M. Joseph, Questionnaire designing process: a review, Journal Clinical Trials, 2016. https://doi.org/10.4172/2167-0870.1000255.
N. Lallmahomed, Elementary Statistics using JMP, J. R. Stat. Soc. Ser. A (Statistics Soc.), 2008. https://doi.org/10.1111/j.1467-985x.2008.00538_10.x
Sample Size Calculator.”
E. C. Hedberg and E. C. Hedberg, Statistical Distributions. John Wiley & Sons, 2018.
P. Lehman, 101 design methods: A structured approach for driving innovation in your organization [Book Review], no. Apr 2013. John Wiley & Sons, 2013.
A. A. Adams and R. McCrindle, Pandora’s Box: Social and Professional Issues of the Information Age, vol. 1. John Wiley & Sons., 2008.
T. Sang, A log-based approach to make digital forensics easier on cloud computing, 2013, https://doi.org/10.1109/ISDEA.2012.29.
D. Reilly, C. Wren and T. Berry, Cloud computing: pros and cons for computer forensic investigations, International Journal of Multimedia and Image Processing, 2011. https://doi.org/10.20533/ijmip.2042.4647.2011.0004.
J. Networks, Securing Multi-Tenancy and Cloud Computing, 2012.
Passware Encryption Analyzer 2016 V.1, 2016. .
G. Albaum, The Likert scale revisited: An alternate version,Journal of the Market Research Society, 1997.
Approaches to the Analysis of Survey Data, 2001.
L. Del Greco, W. Walop and R. H. McCarthy, Questionnaire development: 2. Validity and reliability, CMJ, Vol. 136, No. 7, pp. 699, 1987.
Dr. R. Venkitachalam, Presentation: Validity and reliability of questionnaires, 2015.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Supplementary Information
Below is the link to the electronic supplementary material.
Rights and permissions
About this article
Cite this article
Prakash, V., Williams, A., Garg, L. et al. Cloud-Based Framework for Performing Digital Forensic Investigations. Int J Wireless Inf Networks 29, 419–441 (2022). https://doi.org/10.1007/s10776-022-00560-z
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10776-022-00560-z