21-05-2014, 03:34 PM
Research Area in CLOUD FORENSIC
CLOUD FORENSIC.pptx (Size: 63.96 KB / Downloads: 22)
Introduction
Digital forensic is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime
Digital forensics is the application of computer science principles to recover electronic evidence for presentation
in a court of law
Digital forensics is the science concerned with discovering, preserving, and analyzing evidence on digital devices
Digital forensic process
A digital forensic investigation commonly consists of 3 stages
acquisition or imaging of exhibits,
analysis, and
reporting
When to Use Digital Forensics?
When relevant ESI(electronically stored information) files have been deleted
When passwords are not available for relevant ESI
When claims of computer crashes and malware are made as basis for relevant ESI not being available
When it is important to maintain proof that original ESI has not been modified by analysis
When it is suspected that criminal behavior is associated with the eDiscovery process
Challenges
1. Forensic Data Collection
Decreased access to forensic data means that cloud customer
generally have little or no control – or even knowledge – of the
physical locations of their data.
Many CSPs do not provide services or interfaces for customers to gather forensic data.
For ex, SaaS providers may not provide their customers with the IP logs of client accesses,
and IaaS providers may not provide recent virtual machine and disk
images.