Logging for Cloud Computing Forensic Systems

Alecsandru Patrascu, Victor-Valeriu Patriciu

Abstract


Cloud computing represents a different paradigm in the field of distributed computing that involves more and more researchers. We can see in this context the need to know exactly where, when and how a piece of data is processed or stored. Compared with classic digital forensic, the field of cloud forensic has a lot of difficulties because data is not stored on a single place and furthermore it involves the use of virtualization technologies.

In this paper we present in detail a new way of monitoring activity in cloud environments and datacenters using a secure cloud forensic framework. We talk about what architecture must this framework implement and how can it be applied on top of new or existing cloud computing deployments. For testing and results  we have implemented this solution to our previous developed cloud computing system.

Keywords


cloud computing; data forensics; logging framework; distributed computing; binary diff

Full Text:

PDF

References


S. Zawoad, A.K. Dutta and R. Hasan (2013); SecLaaS: Secure Logging-as-a-Service for Cloud Forensics, in ACM Symposium on Information, Computer and Communications Security, DOI: 10.1145/2484313.2484342, 219-230.
http://dx.doi.org/10.1145/2484313.2484342

R. Marty (2011); Cloud Application Logging for Forensics, Proceedings of the 2011 ACM Symposium on Applied Computing, 178-184.
http://dx.doi.org/10.1145/1982185.1982226

G. Sibiya, H. Venter, T. Fogwill (2012); Digital forensic framework for a cloud environment, Proceedings of the 2012 Africa Conference, 1-8.

A. Pătraşcu and V. Patriciu (2013); Beyond Digital Forensics. A Cloud Computing Perspective Over Incident Response and Reporting, IEEE International Symposium on Applied Computational Intelligence and Informatics, 455-460.

B. Grobauer and T. Schreck (2010); Towards incident handling in the cloud: challenges and approaches, Proceedings of the 2010 ACM workshop on Cloud computing security workshop, New York, DOI: 10.1145/1866835.1866850, 77-86.
http://dx.doi.org/10.1145/1866835.1866850

A. Pătraşcu, C. Leordeanu, C. Dobre and V. Cristea (2012); ReC2S: Reliable Cloud Computing System, European Concurrent Engineering Conference, Bucharest, 1-9.

M. Simmons and H. Chi (2012); Designing and implementing cloud-based digital forensics, Proceedings of the 2012 Information Security Curriculum Development Conference, 69-74.

T. Takahashi, Y. Kadobayashi and H. Fujiwara (2010); Ontological Approach toward Cybersecurity in Cloud Computing, SIN'10 Proceedings of the 3rd international conference on Security of information and networks, DOI: 10.1145/1854099.1854121, 100-109.
http://dx.doi.org/10.1145/1854099.1854121

NIST SP800-86 Notes, Guide to Integrating Forensic Techniques into Incident Response, http://cybersd.com/sec2/800-86Summary.pdf

A. Pătraşcu and V. Patriciu (2014); Logging system for cloud computing forensic environments, Journal of Control Engineering and Applied Informatics, 16(1): 80-88.

http://cee.mitre.org/language/1.0-beta1/cls.html

http://uw714doc.sco.com/en/UDI_spec/m_mgmt.html




DOI: https://doi.org/10.15837/ijccc.2015.2.802



Copyright (c) 2017 Alecsandru Patrascu, Victor-Valeriu Patriciu

Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

CC-BY-NC  License for Website User

Articles published in IJCCC user license are protected by copyright.

Users can access, download, copy, translate the IJCCC articles for non-commercial purposes provided that users, but cannot redistribute, display or adapt:

  • Cite the article using an appropriate bibliographic citation: author(s), article title, journal, volume, issue, page numbers, year of publication, DOI, and the link to the definitive published version on IJCCC website;
  • Maintain the integrity of the IJCCC article;
  • Retain the copyright notices and links to these terms and conditions so it is clear to other users what can and what cannot be done with the  article;
  • Ensure that, for any content in the IJCCC article that is identified as belonging to a third party, any re-use complies with the copyright policies of that third party;
  • Any translations must prominently display the statement: "This is an unofficial translation of an article that appeared in IJCCC. Agora University  has not endorsed this translation."

This is a non commercial license where the use of published articles for commercial purposes is forbiden. 

Commercial purposes include: 

  • Copying or downloading IJCCC articles, or linking to such postings, for further redistribution, sale or licensing, for a fee;
  • Copying, downloading or posting by a site or service that incorporates advertising with such content;
  • The inclusion or incorporation of article content in other works or services (other than normal quotations with an appropriate citation) that is then available for sale or licensing, for a fee;
  • Use of IJCCC articles or article content (other than normal quotations with appropriate citation) by for-profit organizations for promotional purposes, whether for a fee or otherwise;
  • Use for the purposes of monetary reward by means of sale, resale, license, loan, transfer or other form of commercial exploitation;

    The licensor cannot revoke these freedoms as long as you follow the license terms.

[End of CC-BY-NC  License for Website User]


INTERNATIONAL JOURNAL OF COMPUTERS COMMUNICATIONS & CONTROL (IJCCC), With Emphasis on the Integration of Three Technologies (C & C & C),  ISSN 1841-9836.

IJCCC was founded in 2006,  at Agora University, by  Ioan DZITAC (Editor-in-Chief),  Florin Gheorghe FILIP (Editor-in-Chief), and  Misu-Jan MANOLESCU (Managing Editor).

Ethics: This journal is a member of, and subscribes to the principles of, the Committee on Publication Ethics (COPE).

Ioan  DZITAC (Editor-in-Chief) at COPE European Seminar, Bruxelles, 2015:

IJCCC is covered/indexed/abstracted in Science Citation Index Expanded (since vol.1(S),  2006); JCR2018: IF=1.585..

IJCCC is indexed in Scopus from 2008 (CiteScore2018 = 1.56):

Nomination by Elsevier for Journal Excellence Award Romania 2015 (SNIP2014 = 1.029): Elsevier/ Scopus

IJCCC was nominated by Elsevier for Journal Excellence Award - "Scopus Awards Romania 2015" (SNIP2014 = 1.029).

IJCCC is in Top 3 of 157 Romanian journals indexed by Scopus (in all fields) and No.1 in Computer Science field by Elsevier/ Scopus.

 

 Impact Factor in JCR2018 (Clarivate Analytics/SCI Expanded/ISI Web of Science): IF=1.585 (Q3). Scopus: CiteScore2018=1.56 (Q2);

SCImago Journal & Country Rank

Editors-in-Chief: Ioan DZITAC & Florin Gheorghe FILIP.