Skip to Main content Skip to Navigation
Conference papers

A Taxonomy of Cloud Endpoint Forensic Tools

Abstract : Cloud computing services can be accessed via browsers or client applications on networked devices such as desktop computers, laptops, tablets and smartphones, which are generally referred to as endpoint devices. Data relevant to forensic investigations may be stored on endpoint devices and/or at cloud service providers. When cloud services are accessed from an endpoint device, several files and folders are created on the device; the data can be accessed by a digital forensic investigator using various tools. An investigator may also use an application programming interface made available by a cloud service provider to obtain forensic information from the cloud related to objects, events and file metadata associated with a cloud user. This chapter presents a taxonomy of the forensic tools used to extract data from endpoint devices and from cloud service providers. The tool taxonomy provides investigators with an easily searchable catalog of tools that can meet their technical requirements during cloud forensic investigations.
Document type :
Conference papers
Complete list of metadata

Cited literature [45 references]  Display  Hide  Download

https://hal.inria.fr/hal-01988833
Contributor : Hal Ifip <>
Submitted on : Tuesday, January 22, 2019 - 9:44:22 AM
Last modification on : Thursday, February 7, 2019 - 3:40:57 PM
Long-term archiving on: : Tuesday, April 23, 2019 - 1:54:20 PM

File

472401_1_En_14_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Anand Mishra, Emmanuel Pilli, Mahesh Govil. A Taxonomy of Cloud Endpoint Forensic Tools. 14th IFIP International Conference on Digital Forensics (DigitalForensics), Jan 2018, New Delhi, India. pp.243-261, ⟨10.1007/978-3-319-99277-8_14⟩. ⟨hal-01988833⟩

Share

Metrics

Record views

92

Files downloads

41