Article details

Title: Digital Forensics in Cloud Computing Applied to New or Existing Datacenter Architectures
Author(s): Alecsandru Pătraşcu, Ion Bica, Victor-Valeriu Patriciu

Abstract: Cloud computing technologies have an important place in today’s digital environment as they offer the user attractive benefits such as information backup, file storage, renting virtual machines. In this context we need to know exactly where, when and how a piece of data is processed and, even more, we need to know what is happening in a datacenter at the virtual machine level. This means we must have installed, at the datacenter level, a system that can detect anomalies based on the usage pattern of virtual machines. In this paper we will present a novel way of monitoring virtual machine activity in datacenters and how we use this information in order to train our automated anomalies machine learning modules.

Keywords: Cloud computing, data forensics, anomaly detection framework, distributed computing
