Towards Building Forensics Enabled Cloud Through Secure Logging-as-a-Service

Zawoad, Shams; Dutta, Amit Kumar; Hasan, Ragib

doi:10.1109/tdsc.2015.2482484

Cited by 73 publications

(43 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Most of the researchers have considered the attacks on privacy and integrity on a logging server. The secure logging is discussed in these works . Zawoad et al explain SecLaaS stores VM logs and provide access to forensic investigators, ensuring the confidentiality of the cloud users .…”

Section: Related Workmentioning

confidence: 99%

“…The secure logging is discussed in these works. 5 users. 4 The proofs of the past log are preserved and thus protect the integrity of the logs from the dishonest investigators or the cloud providers.…”

Section: Related Workmentioning

confidence: 99%

“…In response to the threats in a cloud environment, it is necessary for the CSPs to provide security services along with their resources. An attacker may perform malicious actions by tampering with the log files or by inserting false information or by deleting altogether to leave no trace . Therefore, it is necessary to have in place a real‐time facility for securing and storing this information such that it is immune to tampering.…”

Section: Introductionmentioning

confidence: 99%

“…• The proposed scheme is built on the Open source cloud environment, OpenStack, and the performance of the proposed scheme is compared with the existing logging scheme (SecLaaS) in terms of average log processing time, log verification time, and scalability. It is observed from the experimental results that, as the size of the log entries increases, there is a minimal increase in average processing time than the existing scheme [5]. The proposed scheme uses BR tree that inserts log entries as a batch to ensure the minimal verification time for storing the logs in a secure manner.…”

mentioning

confidence: 99%

See 3 more Smart Citations

Secure logging scheme for forensic analysis in cloud

Sree

Bhanu

2019

Concurrency and Computation

View full text Add to dashboard Cite

Summary Cloud computing has emerged as a prominent technology that provides reliable on‐demand cloud services to users. Among the various kind of attacks, Distributed Denial of Service (DDoS) attack is one of the major application layer attacks that target the resources and services running in the cloud. Due to the distributed nature of attacks or crimes in the cloud, the evidence are collected from various components such as the router, switches, hard disk, log traces, and virtual machines. An attacker may collude with the cloud provider or investigators to tamper the log files or by inserting false information or by deleting the malicious activity logs altogether by leaving no trace. Hence, security is the major concern in cloud wherein investigation of crimes and attacks are very difficult. Collecting logs from the cloud providers is very hard since many users share the same network resources and the investigators rely on the providers to access the information. Therefore, in order to preserve the confidentiality, integrity, and authentication of logs, secure logging scheme is proposed to preserve the logs for forensic investigation. This paper highlights the secure logging scheme by extracting the features from logs of all virtual machine instances by double encryption scheme and also deals the integrity of the logs using hashing and verifies the signatures using Bloom filter–based R tree (BR tree). Furthermore, the verification is performed using Shamir Secret Sharing (SSS) scheme, and it is responsible for sharing the secret (private) keys to all the three parties, ie, user, investigator, and cloud providers. It is inferred from the experimental results that the proposed scheme requires minimal log processing time, minimal verification time for inserting logs, stores logs in time, and space efficient manner and scalable than existing methods.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

mentioning

confidence: 99%

See 2 more Smart Citations

Secure logging scheme for forensic analysis in cloud

Sree

Bhanu

2019

Concurrency and Computation

View full text Add to dashboard Cite

show abstract

“…Auditing-as-a-service [85,89,90,114] requires a trusted third party to maintain an audit logs for detecting integrity violations. LibSEAL does not require a trusted third party, but can instead rely on the TEE for privacy and integrity.…”

Section: Related Workmentioning

confidence: 99%

LibSEAL

Aublin

Kelbert

O'Keeffe

et al. 2018

Proceedings of the Thirteenth EuroSys Conference

View full text Add to dashboard Cite

Users of online services such as messaging, code hosting and collaborative document editing expect the services to uphold the integrity of their data. Despite providers' best efforts, data corruption still occurs, but at present service integrity violations are excluded from SLAs. For providers to include such violations as part of SLAs, the competing requirements of clients and providers must be satisfied. Clients need the ability to independently identify and prove service integrity violations to claim compensation. At the same time, providers must be able to refute spurious claims.We describe LibSEAL, a SEcure Audit Library for Internet services that creates a non-repudiable audit log of service operations and checks invariants to discover violations of service integrity. LibSEAL is a drop-in replacement for TLS libraries used by services, and thus observes and logs all service requests and responses. It runs inside a trusted execution environment, such as Intel SGX, to protect the integrity of the audit log. Logs are stored using an embedded relational database, permitting service invariant violations to be discovered using simple SQL queries. We evaluate LibSEAL with three popular online services (Git, ownCloud and Dropbox) and demonstrate that it is effective in discovering integrity violations, while reducing throughput by at most 14%.

show abstract

On developing Block‐Chain based Secure Storage Model (BSSM) with auditing and integrity analysis in the cloud

Apirajitha,

Sathianesan

2023

Concurrency and Computation

View full text Add to dashboard Cite

SummaryIn present scenario, Cloud Computing is developing vast, as the resources are utilized by many people and provided on‐demand. Recent works on cloud reports the success rates of cyber activities using cloud models for deceptive actions, because of its significant features and lack of apposite forensic models for cloud. For developing a cloud model for forensic support is an important and intricate issue like, directorial and technical challenges due to system distribution, virtualization, and dynamic characteristic of nodes. Considering the issues, this article develops a Block‐chain based Secure Storage Model (BSSM) incorporating Integrity and Auditing Examination Model for evaluating reliability of forensic data and auditing for validation. Moreover, this model effectively works on the domain of Forensic as a Service (FaaS) in cloud. The forensic data are formed into block‐chain for ensuring security. The model also aids in reducing the storage space effectively and the auditing and integrity analysis model incorporated in this work minimizes the dependency of trusts on Cloud Service Provider (CSP). And, the evaluation results show that the proposed model effectively achieves the objective in better way than compared works.

show abstract

Towards Building Forensics Enabled Cloud Through Secure Logging-as-a-Service

Cited by 73 publications

References 22 publications

Secure logging scheme for forensic analysis in cloud

Secure logging scheme for forensic analysis in cloud

LibSEAL

On developing Block‐Chain based Secure Storage Model (BSSM) with auditing and integrity analysis in the cloud

Contact Info

Product

Resources

About