Logging for Cloud Computing Forensic Systems

  • Alecsandru Patrascu, Military Technical Academy
  • Victor-Valeriu Patriciu, Military Technical Academy

Abstract

Cloud computing represents a different paradigm in the field of distributed computing, one that involves more and more researchers. In this context we can see the need to know exactly where, when and how a piece of data is processed or stored. Compared with classic digital forensics, the field of cloud forensics faces many difficulties because data is not stored in a single place and, furthermore, it involves the use of virtualization technologies. In this paper we present in detail a new way of monitoring activity in cloud environments and datacenters using a secure cloud forensic framework. We discuss the architecture this framework must implement and how it can be applied on top of new or existing cloud computing deployments. For testing and results, we have implemented this solution on our previously developed cloud computing system.

Author Biographies

Alecsandru Patrascu, Military Technical Academy
PhD Student, Computer Science Department
Victor-Valeriu Patriciu, Military Technical Academy
Professor, Computer Science Department

Published
2015-02-15
How to Cite
PATRASCU, Alecsandru; PATRICIU, Victor-Valeriu. Logging for Cloud Computing Forensic Systems. INTERNATIONAL JOURNAL OF COMPUTERS COMMUNICATIONS & CONTROL, [S.l.], v. 10, n. 2, p. 222-229, feb. 2015. ISSN 1841-9844. Available at: <http://univagora.ro/jour/index.php/ijccc/article/view/802>. Date accessed: 22 may 2022.

Keywords

cloud computing; data forensics; logging framework; distributed computing; binary diff