2016
DOI: 10.1002/sec.1538

A framework for cloud forensics evidence collection and analysis using security information and event management

Abstract: A primary feature of cloud computing is the provision of a variety of transparent services with efficient resource utilization. However, there are concerns with cloud computing in terms of the user's data privacy and security, especially in evidence collection for forensics analysis, because the tangible resources and hardware are out of reach for users who own the data. This paper presents a framework using security information and event management (SIEM), to address the issue of efficient evidence collection…

Cited by 21 publications (10 citation statements)
References 17 publications
“…It is often used to execute untrusted programs or code, possibly from unverified suppliers, users, websites, or untrusted third parties. -Security information and event management (SIEM) [49] is a combination of security information management (SIM) and security event management (SEM) that provides real-time analysis of device and network hardware security alerts. -Cryptography [50] is a popular method used for protecting data or information that uses the secret keys, e.g., secret-key, public key, and hash function, to encrypt and decrypt data for communication.…”
Section: Cybersecurity Defense Strategies (mentioning)
confidence: 99%
“…security information and event management (SIEM) [88], or cryptography [89], are typically used to mitigate the issues. However, data science modeling is demanding security intelligence as well through its capability of extracting more actionable insights from the data to intelligently manage these issues.…”
Section: Smart City Services and Data-driven Decision-making (mentioning)
confidence: 99%
“…This could result in scenarios where a malicious user injects fake data to manipulate the correct execution of a given system workflow. In addition, the need of evaluating the trustworthiness of collected data clearly emerged in the context of forensics science and has been initially dealt with by defining a systematic and reliable methodology for data collection and analysis [10]. Some solutions based on blockchain have been also proposed to guarantee availability, integrity, and verifiability of collected data (e.g., [5,16,19]).…”
Section: Problem Statement and Related Work (mentioning)
confidence: 99%