دورية أكاديمية
LogDrive: a proactive data collection and analysis framework for time-traveling forensic investigation in IaaS cloud environments
| العنوان: | LogDrive: a proactive data collection and analysis framework for time-traveling forensic investigation in IaaS cloud environments |
|---|---|
| المؤلفون: | Manabu Hirano, Natsuki Tsuzuki, Seishiro Ikeda, Ryotaro Kobayashi |
| المصدر: | Journal of Cloud Computing: Advances, Systems and Applications, Vol 7, Iss 1, Pp 1-25 (2018) |
| بيانات النشر: | SpringerOpen, 2018. |
| سنة النشر: | 2018 |
| المجموعة: | LCC:Computer engineering. Computer hardware LCC:Electronic computers. Computer science |
| مصطلحات موضوعية: | Cloud forensics, Surveillance, Anti-forensics, Hypervisor, Virtual machine monitor, Parallel distributed processing, Computer engineering. Computer hardware, TK7885-7895, Electronic computers. Computer science, QA75.5-76.95 |
| الوصف: | Abstract This paper presents the LogDrive framework for mitigating the following problems of storage forensics in Infrastructure-as-a-Service (IaaS) cloud environments: volatility, increasing volume of forensic data, and anti-forensic attacks that hide traces of incidents in virtual machines. The proposed proactive data collection function of virtual block devices mitigates the problem of volatility within the cloud environments and enables a time-traveling investigation to reveal overwritten or deleted evidence files. We employ a sector-hash-based file detection method with random sampling to search for an evidence file in the record of the write logs of the virtual storage. The problem formulation, the investigation context, and the design with five algorithms are presented. We explore the performance of LogDrive through a detailed evaluation. Finally, security analysis of LogDrive is presented based on the STRIDE (Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, and Elevation of privilege) threats model and related work. We posted the source code of LogDrive on GitHub. |
| نوع الوثيقة: | article |
| وصف الملف: | electronic resource |
| اللغة: | English |
| تدمد: | 2192-113X |
| Relation: | http://link.springer.com/article/10.1186/s13677-018-0119-2; https://doaj.org/toc/2192-113X |
| DOI: | 10.1186/s13677-018-0119-2 |
| URL الوصول: | https://doaj.org/article/fc94029978e34a259d14c51ee7dd99e3 |
| رقم الأكسشن: | edsdoj.fc94029978e34a259d14c51ee7dd99e3 |
| قاعدة البيانات: | Directory of Open Access Journals |
Find this article in full text from Springer Verlag. 
Full Text Finder | تدمد: | 2192113X |
|---|---|
| DOI: | 10.1186/s13677-018-0119-2 |