Skip to Main content Skip to Navigation
Conference papers

LiveCloudInspector: Towards Integrated IaaS Forensics in the Cloud

Abstract : Cloud-based systems are becoming an increasingly attractive target for malicious attacks. In IaaS environments, malicious attacks on a cloud customer’s virtual machine may affect the customer, who cannot use all diagnostic means that are available in dedicated in-house infrastructures, as well as the cloud provider, due to possible subsequent attacks against the cloud infrastructure and other co-hosted customers. This paper presents an integrated approach towards forensics and incident analysis in IaaS cloud environments. The proposed architecture enables the cloud provider to securely offer forensics services to its customers on a self-service platform. The architecture combines three important analysis techniques and provides significantly better investigation capabilities than existing systems: First, it supports host-based forensics based on virtual machine introspection. Second, it offers live remote capture of network traffic. Third, and most importantly, it provides hybrid combinations of the first two techniques, which enables enhanced analysis capabilities such as support for monitoring encrypted communication.
Complete list of metadata

Cited literature [12 references]  Display  Hide  Download
Contributor : Hal Ifip <>
Submitted on : Tuesday, April 24, 2018 - 11:53:52 AM
Last modification on : Tuesday, April 24, 2018 - 12:42:52 PM
Long-term archiving on: : Wednesday, September 19, 2018 - 11:51:58 AM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Julian Zach, Hans Reiser. LiveCloudInspector: Towards Integrated IaaS Forensics in the Cloud. 15th IFIP International Conference on Distributed Applications and Interoperable Systems (DAIS), Jun 2015, Grenoble, France. pp.207-220, ⟨10.1007/978-3-319-19129-4_17⟩. ⟨hal-01775040⟩



Record views


Files downloads