A survey on cloud forensics challenges and solutions

Simou, Stavros; Kalloniatis, Christos; Gritzalis, Stefanos; Mouratidis, Haralambos

doi:10.1002/sec.1688

Cited by 37 publications

(32 citation statements)

References 60 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, designing cloud services capable to assist a cloud investigation process is of vital importance and various research efforts concentrate on these directions [8,9]. In addition, digital forensics methods cannot support an investigation in cloud environments since the particular environments introduce many differences compared to traditional IT environments [1,10].…”

Section: Cloud Forensic Investigationmentioning

confidence: 99%

“…Authors stated that the preservation stage should also run concurrently with the other two stages or should be included in the chain of custody. Based on the comparison framework and the literature review conducted in [10], Simou et al [9] proposed a generic process for cloud-forensic investigation including the steps of Incident Confirmation, Incident Identification, Collection-Acquisition, Examination-Analysis, and Presentation. They were stating that understanding the cloud forensic investigation process is of vital importance in order to design and implement cloud forensic-enabled services.…”

Section: Proposed Cloud Forensic Investigation Processmentioning

confidence: 99%

See 1 more Smart Citation

A Revised Forensic Process for Aligning the Investigation Process with the Design of Forensic-Enabled Cloud Services

Simou

Kalloniatis

Gritzalis

et al. 2019

Communications in Computer and Information Science

Self Cite

View full text Add to dashboard Cite

The design and implementation of cloud services, without taking under consideration the forensic requirements and the investigation process, makes the acquisition and examination of data, complex and demanding. The evidence gathered from the cloud may not become acceptable and admissible in the court. A literature gap in supporting software engineers so as to elicit and model forensic-related requirements exists. In order to fill the gap, software engineers should develop cloud services in a forensically sound manner. In this paper, a brief description of the cloud forensic-enabled framework is presented (adding some new elements) so as to understand the role of the design of forensic-enabled cloud services in a cloud forensic investigation. A validation of the forensic requirements is also produced by aligning the stages of cloud forensic investigation process with the framework's forensic requirements. In this way, on one hand, a strong relationship is built between these two elements and emphasis is given to the role of the forensic requirements and their necessity in supporting the investigation process. On the other hand, the alignment assists towards the identification of the degree of the forensic readiness of a cloud service against a forensic investigation.

show abstract

Section: Cloud Forensic Investigationmentioning

confidence: 99%

Section: Proposed Cloud Forensic Investigation Processmentioning

confidence: 99%

A Revised Forensic Process for Aligning the Investigation Process with the Design of Forensic-Enabled Cloud Services

Simou

Kalloniatis

Gritzalis

et al. 2019

Communications in Computer and Information Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…When technologies are applied to activity diagrams, a new service is implemented which is cloud forensic-enabled and ready to support a cloud forensic investigation. For suggesting the adequate technologies per forensic constraint, taking as input the deployment model, the service model and the missing forensic-related constraints, we have grouped a list of possible solutions on our previous papers that categorize the existing solutions based on these criteria [26]. A snapshot of this table is shown in Table 6.…”

Section: Selection Of Technologiesmentioning

confidence: 99%

“…A detailed review at the respective methods has been also conducted and presented in [26,27]. This analysis revealed the challenges and the open issues related to cloud forensics and their possible solutions.…”

Section: Related Workmentioning

confidence: 99%

“…This is due to the fact that the cloud forensic process relies on the privacy and security capabilities to help resolve forensic issues. Based on our previous work [26,27,39] regarding the identification of forensic investigation stages, challenges and solutions, we present in the following tables various helpful information related to 7 the identified cloud forensic constraints. The identification and analysis of the information presented in tables 1, 2 and 3 was a mandatory step for the proposed tasks presented in section 4.…”

Section: Forensic Constraintsmentioning

confidence: 99%

See 1 more Smart Citation

A framework for designing cloud forensic-enabled services (CFeS)

et al. 2018

Self Cite

View full text Add to dashboard Cite

Cloud computing is used by consumers to access cloud services. Malicious actors exploit vulnerabilities of cloud services to attack consumers. The link between these two assumptions is the cloud service. Although cloud forensics assists in the direction of investigating and solving cloud-based cyber-crimes, in many cases the design and implementation of cloud services falls back. Software designers and engineers should focus their attention on the design and implementation of cloud services that can be investigated in a forensic sound manner. This paper presents a methodology that aims on assisting designers to design cloud forensic-enabled services. The methodology supports the design of cloud services by implementing a number of steps to make the services cloud forensic-enabled. It consists of a set of cloud forensic constraints, a modelling language expressed through a conceptual model and a process based on the concepts identified and presented in the model. The main advantage of the proposed methodology is the correlation of cloud services' characteristics with the cloud investigation while providing software engineers the ability to design and implement cloud forensic-enabled services via the use of a set of predefined forensic related tasks.

show abstract