Performing a Forensics Investigation Involving Cloud Computing
Added on 2022-08-15
11 Pages2391 Words12 Views
1
Problem of Performing a Forensics Investigation Involving Cloud Computing Resources
Name:
Course
Problem of Performing a Forensics Investigation Involving Cloud Computing Resources
Name:
Course
2
1 Introduction
Cloud computing is one of the most important topics in the field of information technology in current
time thus its popularity is rising very fast Computing through cloud has play major roles in the
organization growth. Companies migrate their services to the cloud for easy accessibility of the
services. Hence it has become a major trend in the modern industry of computing in the cloud.
Through cloud computing a space of storage for companies is created for easy carrying of their
activities in the internet. The forensic investigators use this platform as a major point for evidence
acquisition, imaging and data analysis of the organization in necessary for any organization in order to
thrive will in cloud computing industry. Need to do more research especially on the forensic problems
and the necessary solution necessary
Cloud forensic problems
Major problem regarding to cloud computing occurs in the public operations of cloud more than in the
private architecture of computing in the clouds. This is because through government major investments
are made in cloud computing (Duan et al, 2015).
Cloud Forensic Solutions
Volatility of data
The information stored in virtual machine is lost in most cases when the virtual machine is rebooted or
turned off by the clients. This shows how relevant evidence of processes and registry entries and the
internet files temporary stored can be lost during this process. In case of eternal adversary attracts to
adversary machine no continues synchronization will occur. After completion of the adversary attack,
the adversary can end up shutting down the virtual machine leading to the loss of volatile data in the
virtual machine. This will occur severally if the necessary actions will not be taken into place.
The given places of information accessibility can cause a major challenge on the hence need Alt-
Sahalia (2012).
1 Introduction
Cloud computing is one of the most important topics in the field of information technology in current
time thus its popularity is rising very fast Computing through cloud has play major roles in the
organization growth. Companies migrate their services to the cloud for easy accessibility of the
services. Hence it has become a major trend in the modern industry of computing in the cloud.
Through cloud computing a space of storage for companies is created for easy carrying of their
activities in the internet. The forensic investigators use this platform as a major point for evidence
acquisition, imaging and data analysis of the organization in necessary for any organization in order to
thrive will in cloud computing industry. Need to do more research especially on the forensic problems
and the necessary solution necessary
Cloud forensic problems
Major problem regarding to cloud computing occurs in the public operations of cloud more than in the
private architecture of computing in the clouds. This is because through government major investments
are made in cloud computing (Duan et al, 2015).
Cloud Forensic Solutions
Volatility of data
The information stored in virtual machine is lost in most cases when the virtual machine is rebooted or
turned off by the clients. This shows how relevant evidence of processes and registry entries and the
internet files temporary stored can be lost during this process. In case of eternal adversary attracts to
adversary machine no continues synchronization will occur. After completion of the adversary attack,
the adversary can end up shutting down the virtual machine leading to the loss of volatile data in the
virtual machine. This will occur severally if the necessary actions will not be taken into place.
The given places of information accessibility can cause a major challenge on the hence need Alt-
Sahalia (2012).
3
Physical inaccessibility
The geographic distribution of the hardware devices is challenging in a cloud environment, data
location. The established digital forensic procedures and tools assume that the hardware fact is
physically accessible. In cloud forensics, however, the fact that the devices to be purchased will reside
on different physical devices that are used by multiple cloud consumers and that the device
configuration is static. Makes any physical acquisition nearly impossible for CSP. There is also no
possibility to seize the data-containing hardware, because usually jurisdictions are stored in distributed
systems. This challenge does not apply to any type of globally distributed corporation, where all
resources are located at the premises of the company.
In the event of a crash, all machines can be easily accessed because they belong to private p
remises where the institutions have full control. The challenge extends to all three versions in
operations.
Integrity and stability
In cloud investigation for IaaS, PaaS, and SaaS, the integrity preservation reliability of evidence is
important. In our effort, we will protect data in multi-jurisdictional contexts, a daunting challenge,
without violating any rule. If the dignity is not protected then the evidence will not be admissible to the
court. Dignity will add additional confidence to cloud forensics that is appropriate for an investigator
parties to accredit to verify in question. A process to be trusted by the courts was created by the
integrity testing authority; otherwise it would be difficult to justify using them as a source for
verification of integrity. The transitory existence and dedicated explanation of the Cloud is also difficult
(Nasreidin et al, 2015).
Internal staffing
The problem affects four rates on all three-service models, from description to protection. A number of
people have to be involved as a team to carry out a cloud forensics investigation. The team should be
Physical inaccessibility
The geographic distribution of the hardware devices is challenging in a cloud environment, data
location. The established digital forensic procedures and tools assume that the hardware fact is
physically accessible. In cloud forensics, however, the fact that the devices to be purchased will reside
on different physical devices that are used by multiple cloud consumers and that the device
configuration is static. Makes any physical acquisition nearly impossible for CSP. There is also no
possibility to seize the data-containing hardware, because usually jurisdictions are stored in distributed
systems. This challenge does not apply to any type of globally distributed corporation, where all
resources are located at the premises of the company.
In the event of a crash, all machines can be easily accessed because they belong to private p
remises where the institutions have full control. The challenge extends to all three versions in
operations.
Integrity and stability
In cloud investigation for IaaS, PaaS, and SaaS, the integrity preservation reliability of evidence is
important. In our effort, we will protect data in multi-jurisdictional contexts, a daunting challenge,
without violating any rule. If the dignity is not protected then the evidence will not be admissible to the
court. Dignity will add additional confidence to cloud forensics that is appropriate for an investigator
parties to accredit to verify in question. A process to be trusted by the courts was created by the
integrity testing authority; otherwise it would be difficult to justify using them as a source for
verification of integrity. The transitory existence and dedicated explanation of the Cloud is also difficult
(Nasreidin et al, 2015).
Internal staffing
The problem affects four rates on all three-service models, from description to protection. A number of
people have to be involved as a team to carry out a cloud forensics investigation. The team should be
4
composed of professionals with technical knowledge, legal counsel and qualified professional workers
with deep knowledge of new technology and talents.
Chain of custody
The most important thing to present evidence in a court of law is to ensure that throughout the process
the chain of evidence custody is maintained in security forensics. Any custody interruption chain,
questionable facts. The gathering staff qualified to retain unique forensic techniques in evidence. The
chain of custody will be upheld in this situation. For a case in court, the investigators the chain of
custody should contain information who collected the evidence, how and where the evidence was
collected, how the evidence was stored, and who accessed the evidence (Prayudi & Sn, 2015).
Bandwidth limitation
The volume is increasing rapidly resulting to of evidence. In the previous paragraph, we referred on the
VM imaging in IaaS model. In order to collect data, investigators need to download the VM instance's
image. The bandwidth must be taken into consideration are downloading these large images.
Lack of forensic tools
The process of analyzing data in the cloud usually requires use of the forensic tools during the work.
The tools used for cloud investigation are used during the process of forensic investigation and during
cloud design investigation. Since they are not available the devises are not accessed physical and many
systems are distributed the SaaS model, PaaS model and LaaS model cannot be covered fully during
the investigation
Volume of data
The information stored In the CSP center is very large hence. This amount of information can bring
trouble during process of searching relevant digital data in an organization. The results of this
composed of professionals with technical knowledge, legal counsel and qualified professional workers
with deep knowledge of new technology and talents.
Chain of custody
The most important thing to present evidence in a court of law is to ensure that throughout the process
the chain of evidence custody is maintained in security forensics. Any custody interruption chain,
questionable facts. The gathering staff qualified to retain unique forensic techniques in evidence. The
chain of custody will be upheld in this situation. For a case in court, the investigators the chain of
custody should contain information who collected the evidence, how and where the evidence was
collected, how the evidence was stored, and who accessed the evidence (Prayudi & Sn, 2015).
Bandwidth limitation
The volume is increasing rapidly resulting to of evidence. In the previous paragraph, we referred on the
VM imaging in IaaS model. In order to collect data, investigators need to download the VM instance's
image. The bandwidth must be taken into consideration are downloading these large images.
Lack of forensic tools
The process of analyzing data in the cloud usually requires use of the forensic tools during the work.
The tools used for cloud investigation are used during the process of forensic investigation and during
cloud design investigation. Since they are not available the devises are not accessed physical and many
systems are distributed the SaaS model, PaaS model and LaaS model cannot be covered fully during
the investigation
Volume of data
The information stored In the CSP center is very large hence. This amount of information can bring
trouble during process of searching relevant digital data in an organization. The results of this
End of preview
Want to access all the pages? Upload your documents or become a member.
Related Documents
(Solution) Digital Forensics - PDFlg...
|4
|2099
|213
Digital Forensics Study - Deskliblg...
|3
|2099
|204
IFN643 Ransomware Removal Reportlg...
|11
|1954
|42
Cloud Forensics: Challenges and New Digital Forensic Projectslg...
|6
|2199
|177
Digital Forensics in Cloud Computing Investigation Processlg...
|9
|2094
|204
Cloud Computinglg...
|10
|2280
|86