06-10-2016, 04:11 PM
ABSTRACT
Almost all the leading companies in the information field are showing interest in cloud computing, putting effort into it, and releasing cloud computing services one after another.
The Internet environment has now become more and more insecure.
No wall in the world is impenetrable.
In this paper, I propose an approach that uses a log model to build a forensic-friendly system. Using this model, we can quickly gather information from cloud computing for certain kinds of forensic purposes.
Digital Forensics
As per the official definition of NIST: “Digital forensics is the application of science to the identification, examination, collection and analysis of data while preserving the information and maintaining a strict chain of custody for the data.”
Cloud forensics deals with forensic investigations in any kind of network, whether private or public.
A Log Based Approach For Digital Forensics
Criminal activity requires investigation, and as far as digital forensic techniques have shown, they are capable of finding the hacker or the criminal user.
Tracing the IP address and domain name is the first step in detecting the suspicious user.
A log file holds an entry for every incoming and leaving user. These files are generated by the logging process.
They can be maintained by server machines, firewalls, web servers, routers, etc.
Log files are generally in text format and can be read with Notepad or any simple text editor.
Because they are plain text, the size of the log files is also reduced.
PROBLEM DEFINITION
The existing system does not guarantee security and has many disadvantages. Here we are going to overcome them.
Scope:
We are going to develop a log-based approach to make digital forensics easier.
Algorithm
Start
Beginning of Digital Forensics.
Gather local log files from the suspected machine.
Then check the whole file's authenticity and integrity.
If the log file is original then keep it aside for future reference.
If the log file is modified, request the CSP to cooperate to tally with the original log files.
If the CSP cooperates with the investigation process, it compares both files, and that is the end of the investigation.
If the CSP doesn’t cooperate, it requests for related log files from CSP.
End.
Applications
Investigation
Troubleshooting
Log monitoring
Data and system recovery
Conclusion
There is no doubt that cloud computing will be the most popular operation mode for business, while there will be more and more crimes against it too.
All participants in cloud computing should prepare for that change.
In this paper we have proposed a log-based model which can help to reduce the complexity of forensics for non-repudiation of behaviours on the cloud.
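The integrity check and the tally against the CSP copy from the Algorithm section, sketched as an added example that is not part of the original presentation. It assumes a SHA-256 digest of the log was recorded when the log was written; the function names, status strings and log lines are constructed for illustration.

```python
import difflib
import hashlib
import hmac

# Constructed sample data: the CSP-held copy and a local copy with one entry deleted.
CSP_COPY = (
    "2016-06-10T15:58:02Z 192.0.2.10 LOGIN user=alice\n"
    "2016-06-10T16:01:44Z 198.51.100.7 LOGIN user=bob\n"
    "2016-06-10T16:03:10Z 198.51.100.7 DELETE file=/reports/q2.xls\n"
    "2016-06-10T16:04:55Z 198.51.100.7 LOGOUT user=bob\n"
).encode()
REMOVED_ENTRY = "2016-06-10T16:03:10Z 198.51.100.7 DELETE file=/reports/q2.xls"
LOCAL_COPY = CSP_COPY.replace((REMOVED_ENTRY + "\n").encode(), b"")
# Assumption: this digest was recorded when the log was written.
REFERENCE_DIGEST = hashlib.sha256(CSP_COPY).hexdigest()


def is_original(local, reference_digest):
    """Integrity check: does the local log still match the recorded digest?"""
    digest = hashlib.sha256(local).hexdigest()
    return hmac.compare_digest(digest, reference_digest)


def tally_with_csp(local, csp_copy):
    """Compare the local log with the CSP copy and list the entries that differ."""
    findings = []
    csp_lines = csp_copy.decode().splitlines()
    local_lines = local.decode().splitlines()
    for line in difflib.ndiff(csp_lines, local_lines):
        if line.startswith("- "):    # present at the CSP, gone locally
            findings.append(("missing_from_local", line[2:]))
        elif line.startswith("+ "):  # present locally, unknown to the CSP
            findings.append(("only_in_local", line[2:]))
    return findings


def investigate(local, reference_digest, csp_copy=None):
    """Follow the steps: keep an original log, otherwise tally or request CSP logs."""
    if is_original(local, reference_digest):
        return {"status": "original", "findings": []}
    if csp_copy is None:  # no CSP copy to compare against yet
        return {"status": "modified_request_csp_logs", "findings": []}
    return {"status": "modified_tallied",
            "findings": tally_with_csp(local, csp_copy)}


if __name__ == "__main__":
    print(investigate(CSP_COPY, REFERENCE_DIGEST))
    print(investigate(LOCAL_COPY, REFERENCE_DIGEST, CSP_COPY))
```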