As cloud computing gains a firm foothold as an information technology (IT) business solution, an increasing number of enterprises are considering it as a possible migration route for their IT infrastructures and business operations. The centralization of data in the cloud has not gone unnoticed by criminal elements and, as such, data centers and cloud providers have become targets for attack. Traditional digital forensic methodologies are not well suited to cloud computing environments because of the use of remote storage and virtualization technologies. The task of imaging potential evidence is further complicated by evolving cloud environments and services such as infrastructure as a service (IaaS), software as a service (SaaS) and platform as a service (PaaS). The implementation of forensics as a service (FaaS) appears to be the only workable solution, but until standards are formulated and implemented by service providers, the only option will be to use traditional forensic tools and rely on service level agreements to facilitate the extraction of digital evidence on demand. This paper explores the effect that cloud computing has on traditional digital forensic investigations and proposes some approaches to help improve cloud forensic investigations.
A key requirement for experimental analysis in the areas of network intrusion and computer forensics is the availability of suitable datasets. However, the inherent security and privacy issues surrounding these disciplines have resulted in a lack of available “test-bed” datasets for testing and evaluation purposes. Typically, the datasets required in these cases are from system log files, containing traces of computer misuse. Therefore, there is obvious potential for the use of synthetically generated log files that can accurately reproduce these traces or patterns of misuse. This paper discusses the development, testing, and evaluation of a dataset generator tool, designed to produce such datasets, particularly those containing patterns of common computer attacks.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.