Network Forensics for Cloud Computing

Abstract: Computer forensics involves the collection, analysis, and reporting of information about security incidents and computer-based criminal activity. Cloud computing creates new challenges for the forensics process. This paper addresses three challenges for network forensics in an Infrastructure-as-a-Service (IaaS) environment. First, network forensics needs a mechanism for analysing network traffic remotely in the cloud. This task is complicated by dynamic migration of virtual machines. Second, forensics needs to be targeted at the virtual resources of a specific cloud user. In a multi-tenancy environment, in which multiple cloud clients share physical resources, forensics must not infringe the privacy and security of other users. Third, forensic data should be processed directly in the cloud to avoid a costly transfer of huge amounts of data to external investigators. This paper presents a generic model for network forensics in the cloud and defines an architecture that addresses the above challenges. We validate this architecture with a prototype implementation based on the OpenNebula platform and the Xplico analysis tool.

https://hal.inria.fr/hal-01489462
Contributor: Hal Ifip
Submitted on: Tuesday, March 14, 2017 - 2:19:40 PM
Last modification on: Tuesday, March 14, 2017 - 4:07:25 PM
Long-term archiving on: Thursday, June 15, 2017 - 2:20:17 PM

File

978-3-642-38541-4_3_Chapter.pd...
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Tobias Gebhardt, Hans Reiser. Network Forensics for Cloud Computing. 13th International Conference on Distributed Applications and Interoperable Systems (DAIS), Jun 2013, Florence, Italy. pp.29-42, ⟨10.1007/978-3-642-38541-4_3⟩. ⟨hal-01489462⟩

Metrics

Record views: 250
Files downloads: 1628