Conference papers

Network Forensics for Cloud Computing

Abstract : Computer forensics involves the collection, analysis, and reporting of information about security incidents and computer-based criminal activity. Cloud computing creates new challenges for the forensics process. This paper addresses three challenges for network forensics in an Infrastructure-as-a-Service (IaaS) environment. First, network forensics needs a mechanism for analysing network traffic remotely in the cloud. This task is complicated by dynamic migration of virtual machines. Second, forensics needs to be targeted at the virtual resources of a specific cloud user. In a multi-tenancy environment, in which multiple cloud clients share physical resources, forensics must not infringe the privacy and security of other users. Third, forensic data should be processed directly in the cloud to avoid a costly transfer of huge amounts of data to external investigators. This paper presents a generic model for network forensics in the cloud and defines an architecture that addresses the above challenges. We validate this architecture with a prototype implementation based on the OpenNebula platform and the Xplico analysis tool.

Cited literature [24 references]
Contributor : Hal Ifip
Submitted on : Tuesday, March 14, 2017 - 2:19:40 PM
Last modification on : Tuesday, March 14, 2017 - 4:07:25 PM
Long-term archiving on : Thursday, June 15, 2017 - 2:20:17 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Tobias Gebhardt, Hans P. Reiser. Network Forensics for Cloud Computing. 13th International Conference on Distributed Applications and Interoperable Systems (DAIS), Jun 2013, Florence, Italy. pp.29-42, ⟨10.1007/978-3-642-38541-4_3⟩. ⟨hal-01489462⟩


