Cloud Storage Forensics: Analysis of MEGA App on iOS/Android


Added on  2020/05/11

AI Summary
This report delves into the realm of cloud storage forensics, utilizing the MEGA application as a focal point for analysis. It begins with an introduction to the significance of smartphones and cloud applications, highlighting their role in both communication and potential criminal activities. The report then provides a brief overview of cloud forensics, its dimensions, and its applications, emphasizing its importance in investigations, data recovery, and troubleshooting. It outlines the methodologies and tools employed in cloud forensics, including data collection, elastic and static forensics, and the process of investigation. The core of the report lies in its analysis of the MEGA app, examining how data modification occurs during file uploads and downloads, and how evidence is affected on both iOS and Android platforms. The findings reveal the recovery of user data, the preservation of file integrity, and the modification of timestamps. The report concludes that while the MEGA app does not modify file contents, timestamps are altered, providing valuable insights into digital forensics processes. The report also provides references and appendices containing experiment details to support the findings.
Running head: CLOUD STORAGE FORENSICS
Cloud Storage Services
Name of the Student
Name of the University
Author’s notes
Table of Contents
Introduction
Analysis
  Brief Overview of Cloud Forensics
  Cloud Forensics Usage
  Methodologies and Tools
Findings
Conclusion
References
Glossary
Appendices
  Appendix 1
  Appendix 2
  Appendix 3
Introduction
Smartphones play a significant role in this generation. Almost everyone uses a smartphone to
communicate with others and to carry out various other tasks. Smartphones include cloud
applications that can be used for storage, which lets users access their own data whenever
required. Criminals have started to use smartphones for carrying out illegal and criminal
activities (Poisel, Malzer & Tjoa, 2013). The mobile devices used by criminals can therefore be
used to investigate traditional crimes and cyber crimes. MEGA is a cloud application that can
store data just like Dropbox and Google Drive (Daryabar, Dehghantanha & Choo, 2017).
This report examines and analyzes a scenario based on cloud forensics, using the MEGA cloud
application as a case study. It discusses cloud forensics concepts and the various uses of cloud
forensics. It critically analyzes the MEGA case study and attempts to find out what type of
metadata modification takes place when a file is uploaded and downloaded. It also tries to find
out how the evidence present on iOS and Android platforms is affected. Finally, it discusses the
findings of the analysis.
Analysis
Brief Overview of Cloud Forensics
Cloud forensics is a part of digital forensics: it combines cloud computing with digital
forensics. In digital forensics, data is identified, collected, examined and analyzed for the
purpose of preserving its integrity and value (De Marco, Kechadi & Ferrucci, 2013). In cloud
computing, users share resources over the web on demand and pay according to their usage. Cloud
forensics can be considered a subset of network forensics. It has three dimensions: legal,
technical and organizational. Mobile phones often use cloud storage services. Mobile applications
store data and can leave traces of criminal activity, which can help in investigating a criminal
act. It also plays a major role in criminal litigation as well as civil litigation.
An organizational structure includes several types of staff, both internal and external. These
staff play a major role in digital forensic processes (Ruan & Carthy, 2012). Investigators are
the most important staff participating in the process of digital forensics. They are highly
qualified and experienced individuals who are capable of investigating criminal activity using
forensic capabilities. IT professionals also play a major role in the process of investigation:
they assist the investigators when knowledge of information technology is required. Legal
advisors play another main role in the process of digital forensics. These professionals help in
identifying the criminals.
Cloud Forensics Usage
Cloud forensics has several uses. Some of them are as follows:
Investigation: This is the most important use of cloud forensics. Crimes in cloud environments
can be investigated using cloud forensics. Policy violations can also be investigated with the
help of cloud storage forensics (Ruan et al., 2013). Cloud forensics helps to gather evidence for
presentation in court.
Data recovery: Cloud applications store data, and sometimes this data gets deleted accidentally
or unintentionally. Cloud forensics can recover data after it has been deleted. It can also be
used for recovering encrypted data.
Troubleshooting: Cloud forensics makes it simple for users to locate files and documents
physically as well as virtually.
Log monitoring: Cloud forensics plays a significant role in monitoring logs (Thorpe et al.,
2013). It helps with regulatory compliance as well as auditing.
Methodologies and Tools
The process of cloud forensics uses procedures such as the following:
Data collection: Forensic data is identified and acquired from several information sources that
exist in the cloud environment. The data can come from the provider side or from the client side.
There are different cloud platforms, and a single tool cannot be applied to all of them; different
tools are used for the different cloud service models. Data is collected sequentially, in an order
that depends on its volatility: highly volatile data is collected first, followed by data with
low volatility.
Elastic and static forensics: Resources can be provisioned based on client demand, so cloud
forensics tools have an elastic nature. Static and live forensic tools are the most used tools in
cloud storage forensics. E-discovery, data acquisition and data recovery are examples where such
tools are used.
Investigation: Data can be retrieved by cloud forensics and then investigated. The data in cloud
platforms is highly susceptible to various kinds of threats and attacks.
Pro-active preparation: Forensic-aware cloud applications are designed in this stage. This stage
also involves access-control records, tracking authentication and design principles.
The framework of investigation of the MEGA case study is discussed below:
Identification cum collection: The internal storage of an iPad and of a Samsung Galaxy Tab II was
examined for the purpose of collecting evidence. TCPDump was used to monitor and capture network
traffic.
Preservation: The file was acquired and verified by computing its MD5 hash values.
Examination cum analysis: The MEGA app was used on Android and iOS devices, and then the images
present in the internal storage were examined.
Ten experiments were carried out in which the devices were reset. Hex Workshop and 0xED were
used for Android devices and iOS devices respectively to analyze the internal storage. EDRM was
used in the experiment. The experiments conducted on the iOS and Android devices are presented in
table format (Appendix 1 and 2).
Researchers have stated that data remnants such as file names and usernames were recovered from
an iPhone 4 running iOS version 4.3.5 and from a Motorola Droid running Android version 2.2.2.
Data was also recovered from a Windows PC and a Mac PC (Grispos, Glisson & Storer, 2015).
Dropbox, Evernote, Google Docs and Amazon S3 are the models that play a significant role in
cloud storage application investigation (Chung et al., 2012). An investigation on Windows 7 was
conducted in order to find forensic data from PicasaWeb, Flickr, Dropbox and Google Docs
(Marturana, Me & Tacconi, 2012). Researchers have said that it is possible to insert forensic
tools into the VMs of the Amazon EC2 platform (Dykstra & Sherman, 2012). Client analysis and
server analysis can also be conducted (Martini & Choo, 2013). There are different models of cloud
forensics that can be useful in finding out whether any alteration or modification of file
contents has taken place (Quick & Choo, 2014). It was found that the contents of the
non-preinstalled app files of the iCloud remained the same and unchanged. Data can be collected
programmatically and from a remote location by using a six-step procedure (Martini & Choo, 2014).
The research on cloud forensics is presented in table format (Appendix 3).
Findings
A sound forensic process has to satisfy the following criteria:
Meaning: The real meaning of the data that is collected for investigation purposes must not be
lost.
Errors: Detection of errors is very important in order to maintain the validity of the data. Hash
functions play a major role in this process.
Transparency: A transparent forensic process helps to carry out an effective and honest
investigation.
Experience: The experience of the investigators and other professionals who play a significant
role in the investigation must be taken into account. Experienced individuals help in making
correct decisions.
The MD5 hash values of the original as well as the downloaded files were determined in the MEGA
case study. These hash values were compared to find out whether any changes had been made. Hash
values of the files on the iOS and Android devices were compared. After this, the timestamps of
the files were also compared.
Findings for Android devices are given below:
• When a user logs in to the application, the username gets saved in the internal storage of the
  Android device (Daryabar, Dehghantanha & Choo, 2017).
• Determination of decrypted files was also possible.
• One of the main findings was that it was possible for the Android devices to create and save
  shared URL links to the files.
Findings for iOS devices are given below:
• Recovery of uploaded files was possible.
• Recovery of ‘mega.ios.plist’ documents and files was also possible. It was possible to find out
  the login details as well (Daryabar, Dehghantanha & Choo, 2017).
The findings indicate that it was not possible for the MEGA app to modify the contents of the
downloaded files. Comparing the hash values of the original and the downloaded documents showed
that they remained the same. The timestamps of the original and the downloaded files differed
(Quick & Choo, 2013): the timestamps of the files had been modified to the timestamps of the
destination folders of the devices. The timestamps can be compared to detect whether the files
have been modified. It is possible to determine the URLs and IP addresses that have been used by
the app. It is also possible to determine the server names, certification provider and the
timestamps that have been used by cloud storage platforms and devices.
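The integrity check described above, as an added example that is not from the original report or the cited study: it hashes an original file and a downloaded copy and compares their modification times. The file names, sample bytes and one-day timestamp offset are constructed, and SHA-256 is computed alongside MD5 as an addition because of the MD5 weaknesses noted in the glossary.

```python
import hashlib
import os
import shutil
import tempfile
from pathlib import Path


def file_digests(path, chunk_size=65536):
    """Return (md5, sha256) hex digests, reading in chunks so large files fit in memory."""
    md5, sha256 = hashlib.md5(), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            md5.update(chunk)
            sha256.update(chunk)
    return md5.hexdigest(), sha256.hexdigest()


def compare_evidence(original, downloaded):
    """Compare content hashes and modification times of two copies of a file."""
    o_md5, o_sha = file_digests(original)
    d_md5, d_sha = file_digests(downloaded)
    o_stat, d_stat = os.stat(original), os.stat(downloaded)
    return {
        "md5_match": o_md5 == d_md5,
        "sha256_match": o_sha == d_sha,
        "size_match": o_stat.st_size == d_stat.st_size,
        # A non-zero delta with matching hashes means only metadata changed.
        "mtime_delta_s": d_stat.st_mtime - o_stat.st_mtime,
    }


def build_constructed_case(workdir):
    """Constructed sample: an original file and a copy stamped one day later."""
    original = Path(workdir) / "original.jpg"      # hypothetical file name
    downloaded = Path(workdir) / "downloaded.jpg"  # hypothetical file name
    original.write_bytes(b"constructed sample evidence\n" * 1000)
    os.utime(original, (1_500_000_000, 1_500_000_000))
    shutil.copyfile(original, downloaded)  # copies content only, not timestamps
    os.utime(downloaded, (1_500_086_400, 1_500_086_400))
    return original, downloaded


def run_demo():
    """Build the constructed case in a temporary directory and compare the two files."""
    with tempfile.TemporaryDirectory() as workdir:
        return compare_evidence(*build_constructed_case(workdir))


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

On real evidence, run `compare_evidence` against files on a read-only mount or a working copy of the image so that the comparison itself does not alter timestamps.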
Conclusion
This report concluded that it was not possible for the MEGA app to modify the contents of the
files that have been downloaded. It discussed cloud forensics concepts and the various uses of
cloud forensics. It critically analyzed the MEGA case study and found out the type of metadata
modification that takes place when a file is uploaded and downloaded. It discussed the findings
from the MEGA case study and the criteria that need to be satisfied by a sound forensic process.
It stated that the hash values of the original and downloaded files remained the same but the
timestamps differed. It also found out how the evidence present on iOS and Android platforms is
affected. Finally, it gave an overview of the steps to be carried out in a forensic process.
References
Chung, H., Park, J., Lee, S., & Kang, C. (2012). Digital forensic investigation of cloud storage
services. Digital investigation, 9(2), 81-95.
Daryabar, F., Dehghantanha, A., & Choo, K. K. R. (2017). Cloud storage forensics: MEGA as
a case study. Australian Journal of Forensic Sciences, 49(3), 344-357.
De Marco, L., Kechadi, M. T., & Ferrucci, F. (2013, September). Cloud forensic readiness:
Foundations. In International Conference on Digital Forensics and Cyber Crime (pp.
237-244). Springer, Cham.
Dykstra, J., & Sherman, A. T. (2012). Acquiring forensic evidence from infrastructure-as-a-
service cloud computing: Exploring and evaluating tools, trust, and techniques. Digital
Investigation, 9, S90-S98.
Grispos, G., Glisson, W. B., & Storer, T. (2015). Recovering residual forensic data from
smartphone interactions with cloud storage providers. arXiv preprint arXiv:1506.02268.
Martini, B., & Choo, K. K. R. (2013). Cloud storage forensics: ownCloud as a case
study. Digital Investigation, 10(4), 287-299.
Martini, B., & Choo, K. K. R. (2014, September). Remote programmatic vCloud forensics: a
six-step collection process and a proof of concept. In Trust, Security and Privacy in
Computing and Communications (TrustCom), 2014 IEEE 13th International
Conference on (pp. 935-942). IEEE.
Marturana, F., Me, G., & Tacconi, S. (2012, October). A case study on digital forensics in the
cloud. In Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC),
2012 International Conference on (pp. 111-116). IEEE.
Poisel, R., Malzer, E., & Tjoa, S. (2013). Evidence and Cloud Computing: The Virtual
Machine Introspection Approach. JoWua, 4(1), 135-152.
Quick, D., & Choo, K. K. R. (2013). Forensic collection of cloud storage data: Does the act of
collection result in changes to the data or its metadata?. Digital Investigation, 10(3),
266-277.
Quick, D., & Choo, K. K. R. (2014). Google drive: forensic analysis of data remnants. Journal
of Network and Computer Applications, 40, 179-193.
Ruan, K., & Carthy, J. (2012, October). Cloud forensic maturity model. In International
Conference on Digital Forensics and Cyber Crime (pp. 22-41). Springer, Berlin,
Heidelberg.
Ruan, K., Carthy, J., Kechadi, T., & Baggili, I. (2013). Cloud forensics definitions and critical
criteria for cloud forensic capability: An overview of survey results. Digital
Investigation, 10(1), 34-43.
Thorpe, S., Grandison, T., Campbell, A., Williams, J., Burrell, K., & Ray, I. (2013, June).
Towards a forensic-based service oriented architecture framework for auditing of cloud
logs. In Services (SERVICES), 2013 IEEE Ninth World Congress on (pp. 75-83). IEEE.
Glossary
E-discovery: Electronic discovery (also called e-discovery or ediscovery) refers to any
process in which electronic data is sought, located, secured, and searched with the intent of using
it as evidence in a civil or criminal legal case.
TCPDump: TCPDump is a common packet analyzer that runs under the command line.
MD5: The MD5 algorithm is a widely used hash function producing a 128-bit hash value.
Although MD5 was initially designed to be used as a cryptographic hash function,
it has been found to suffer from extensive vulnerabilities.
Amazon S3: Amazon Simple Storage Service is storage for the Internet. It is designed to
make web-scale computing easier for developers.
VM: In computing, a virtual machine (VM) is an emulation of a computer system.
Virtual machines are based on computer architectures and provide functionality of a physical
computer.
URL: A Uniform Resource Locator (URL), colloquially termed a web address, is a
reference to a web resource that specifies its location on a computer network and a mechanism
for retrieving it. A URL is a specific type of Uniform Resource Identifier (URI), although many
people use the two terms interchangeably.
IP: An Internet Protocol address (IP address) is a numerical label assigned to each device
connected to a computer network that uses the Internet Protocol for communication.