Skip to Main content Skip to Navigation
New interface
Conference papers

A Taxonomy of Cloud Endpoint Forensic Tools

Abstract : Cloud computing services can be accessed via browsers or client applications on networked devices such as desktop computers, laptops, tablets and smartphones, which are generally referred to as endpoint devices. Data relevant to forensic investigations may be stored on endpoint devices and/or at cloud service providers. When cloud services are accessed from an endpoint device, several files and folders are created on the device; the data can be accessed by a digital forensic investigator using various tools. An investigator may also use an application programming interface made available by a cloud service provider to obtain forensic information from the cloud related to objects, events and file metadata associated with a cloud user. This chapter presents a taxonomy of the forensic tools used to extract data from endpoint devices and from cloud service providers. The tool taxonomy provides investigators with an easily searchable catalog of tools that can meet their technical requirements during cloud forensic investigations.
Document type :
Conference papers
Complete list of metadata

Cited literature [45 references]  Display  Hide  Download
Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Tuesday, January 22, 2019 - 9:44:22 AM
Last modification on : Thursday, February 7, 2019 - 3:40:57 PM
Long-term archiving on: : Tuesday, April 23, 2019 - 1:54:20 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



Anand Kumar Mishra, Emmanuel Pilli, Mahesh Govil. A Taxonomy of Cloud Endpoint Forensic Tools. 14th IFIP International Conference on Digital Forensics (DigitalForensics), Jan 2018, New Delhi, India. pp.243-261, ⟨10.1007/978-3-319-99277-8_14⟩. ⟨hal-01988833⟩



Record views


Files downloads