Network Forensics for Cloud Computing

Abstract : Computer forensics involves the collection, analysis, and reporting of information about security incidents and computer-based criminal activity. Cloud computing causes new challenges for the forensics process. This paper addresses three challenges for network forensics in an Infrastructure-as-a-Service (IaaS) environment: First, network forensics needs a mechanism for analysing network traffic remotely in the cloud. This task is complicated by dynamic migration of virtual machines. Second, forensics needs to be targeted at the virtual resources of a specific cloud user. In a multi-tenancy environment, in which multiple cloud clients share physical resources, forensics must not infringe the privacy and security of other users. Third, forensic data should be processed directly in the cloud to avoid a costly transfer of huge amounts of data to external investigators. This paper presents a generic model for network forensics in the cloud and defines an architecture that addresses above challenges. We validate this architecture with a prototype implementation based on the OpenNebula platform and the Xplico analysis tool.
Type de document :
Communication dans un congrès
Jim Dowling; François Taïani. 13th International Conference on Distributed Applications and Interoperable Systems (DAIS), Jun 2013, Florence, Italy. Springer, Lecture Notes in Computer Science, LNCS-7891, pp.29-42, 2013, Distributed Applications and Interoperable Systems. 〈10.1007/978-3-642-38541-4_3〉
Liste complète des métadonnées

Littérature citée [24 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01489462
Contributeur : Hal Ifip <>
Soumis le : mardi 14 mars 2017 - 14:19:40
Dernière modification le : mardi 14 mars 2017 - 16:07:25
Document(s) archivé(s) le : jeudi 15 juin 2017 - 14:20:17

Fichier

978-3-642-38541-4_3_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Tobias Gebhardt, Hans Reiser. Network Forensics for Cloud Computing. Jim Dowling; François Taïani. 13th International Conference on Distributed Applications and Interoperable Systems (DAIS), Jun 2013, Florence, Italy. Springer, Lecture Notes in Computer Science, LNCS-7891, pp.29-42, 2013, Distributed Applications and Interoperable Systems. 〈10.1007/978-3-642-38541-4_3〉. 〈hal-01489462〉

Partager

Métriques

Consultations de la notice

130

Téléchargements de fichiers

290