A study on identity-authentication and evidence-investigation for cloud forensics
Huang, Hsiang Wei
Huang, Hsiang Wei
Cloud storage service
Cloud user authentication
|上傳時間: ||2017-08-28 12:05:47 (UTC+8)|
Recently, the technology development of cloud service, big data, and IoT has improved our life more and more convenience than before. Cloud service not only makes users to access data remotely, but also makes criminals to save the data of criminal in cloud, they can access the criminal evidence remotely, and reduce the risk of keeping the criminal data by themselves. This paper proposes a scheme of cloud forensics investigation, which could defend the cloud system from the outside offender, and forensically the evidence collect from the cloud service. The cloud storage forensics on iOS devices is further analyzed from the following three analysis methods, network packet analysis, file analysis, and APP runtime analysis. It will thoroughly help us explore digital evidence we.
|參考文獻: ||A. Banks and C.S. Edge, “Learning iOS Security,” 1st ed., Packt Publishing Ltd., 2015.|
S. Bommisetty, R. Tamma, and H. Mahalik, “Practical Mobile Forensics,” 1st ed., Packt Publishing Ltd., 2014.
L. Chen and Q. Zhang, “Forensic Analysis to China’s Cloud Storage Services,” International Journal of Machine Learning and Computing, vol. 5, no. 6, pp. 467-470, 2015.
H. Chung, J. Park, S. Lee, and C. Kang, “Digital forensic investigation of cloud storage services,” Digital Investigation, vol. 9, no. 2, pp. 81-95, 2012.
M. Epifani and P. Stirparo, “Learning iOS Forensics,” 1st ed., Packt Publishing Ltd., 2015.
J. Farina, M. Scanlon, N.A. Le-Khac, and M.T. Kechadi, “Overview of the Forensic Investigation of Cloud Service,” IEEE 10th International Conference on Availability, Reliability and Security, pp. 556-565, 2015.
G. Horsman and L.R. Conniss, “Investigating evidence of mobile phone usage by drivers in road traffic accidents,” Digital Investigation, vol. 12, no. 1, pp. S30-S37, 2015.
H. Jeong and E. Choi, “User Authentication using Profiling in Mobile Cloud Computing,” AASRI Procedia, vol. 2, no. 1, pp. 262-267, 2012.
S.L. Garfinkel, “Digital forensics research: The next 10 years,” Digital Investigation, vol. 7, no. 1, pp. S64-S73, 2010.
M. Goodman, “FUTURE CRIMES,” 1st ed, Randon House Audio, 2015.
V.M. Katilu, V.N.L. Franqueira, and O. Angelopoulou, “Challenges of Data Provenance for Cloud Forensic Investigations,” 2015 10th International Conference on Availability, Reliability and Security, pp. 312-317, 2015.
D.Y. Kao, “Cybercrime Investigation Countermeasure Using Created-Accessed-Modified Model in Cloud Computing Environments,” Journal of Supercomputing, vol. 72, no. 1, pp. 141-160, 2016.
W. Lee and H. Kim, “Heterogeneous cloud storage system for privacy,” 2014 Sixth International Conference on Ubiquitous and Future Networks (ICUFN), pp. 193-198, 2014.
B. Martini and K.K.R. Choo, “An integrated conceptual digital forensic framework for cloud computing,” Digital Investigation, vol. 9, no. 2, pp. 71-80, 2012.
B. Martini and K.K.R. Choo, “Cloud storage forensics: ownCloud as a case study,” Digital Investigation, vol. 10, no. 4, pp. 287-299, 2013.
B. Martini and K.K.R. Choo, “Cloud Forensic Technical Challenges and Solutions:A Snapshot,” IEEE Cloud Computing , vol. 1, no. 4, pp. 20-25, 2014.
G. Meyer and A. Stander, “Cloud Computing:The Digital Forensics Challenge,” Proceedings of Informing Science & IT Education Conference(InSITE), pp. 285-299, 2015.
P.N. Ninawe and S.B. Ardhapurkar, “Design and implementation of cloud based mobile forensic tool,” 2015 International Conference on Innovations in Information, Embedded and Communication Systems (ICIIECS), pp. 1-4, 2015.
K. Oestreicher, “A forensically robust method for acquisition of iCloud data,” Digital Investigation, vol. 11, no. 2, pp. S106-S113, 2014.
D. Quick and K.K.R. Choo, “Digital droplets: Microsoft SkyDrive forensic data remnants,” Future Generation Computer Systems, vol. 29, no. 6, pp. 1378-1394, 2013.
D. Quick and K.K.R. Choo, “Dropbox analysis: Data remnants on user machines,” Digital Investigation, vol. 10, no. 1, pp. 3-18, 2013.
D. Quick and K.K.R. Choo, “Forensic collection of storage data: Does the act of collection result in changes to the data or its metadata? ,” Digital Investigation, vol. 10, no. 3, pp. 266-277, 2013.
D. Quick and K.K.R. Choo, “Google Drive: Forensic analysis of data remnants,” Journal of Network and Computer Applications, vol. 40, no. 1, pp. 179-193, 2014.
V. Roussev and S. McCulley, “Forensic analysis of cloud-native artifacts,” Digital Investigation, vol. 16, no. 1, pp. S104-S113, 2016.
N. Samet, A.B. Letaifa, M. Hamdi, and S. Tabbane, “Forensic Investigation in Mobile Cloud Environment,” The 2014 International Symposium on Networks, Computers and Communications, pp. 1-5, 2014.
J. Sammons, “DIGITAL FORENSICS,” 1st ed., Elsevier Inc., 2015.
SANS Institute InfoSec Reading Room, “iPwn Apps:Pentesting iOS Applications”, 2014.
K. Selvamani and P.K. Arya, “Credential Based Authentication Approach for Dynamic Group in Cloud Environment,” Procedia Computer Science, vol. 48, no. 1, pp. 166-172, 2015.
D.H. Sharma, C.A. Dhote, and M.M. Potey, “Identity and Access Management as Security-as-a-Service from Clouds,” Procedia Computer Science, vol. 79, no. 1, pp. 170-174, 2016.
O. Tabona and A. Blyth, “A forensic cloud environment to address the big data challenge in digital forensics,” 2016 SAI Computing Conference (SAI), pp. 579-584, 2016.
D. Walnycky, I. Baggili, A. Marrington, J. Moore, and F. Breitinger, “Network and device forensic analysis of Android social-messaging applications,” Digital Investigation, vol. 14, no. 1, pp. S77-S84, 2015.
S. Zawoad, A.K. Dutta, and R. Hasan, “SecLaaS:Secure Logging-as-a-Service for Cloud Forensics,” 8th ACM symposium on information, computer and communications security(ASIACCS), pp. 219-230, 2013.
S. Zawoad, R. Hasan, and J. Grimes, “LINCS: Towards building a trustworthy litigation hold enabled cloud storage system,” Digital Investigation, vol. 14, no. 1, pp. S55-S67, 2015.