The ISC International Journal of Information Security

Current Issue

By Issue

By Author

By Subject

Author Index

Keyword Index

About Journal

Aims and Scope

Editorial Board

Editorial Staff

Publication Ethics and Malpractice Statement

Indexing and Abstracting

Related Links

FAQ

Peer Review Process

News

Sponsors

Journal Metrics

Reviewers

Review Guide in Publons

Forensic-Enabled Security as a Service (FESaaS) - A Readiness Framework for Cloud Forensics

Document Type : Research Article

Authors

1 Department of Information Technology, College of Computer, Qassim University, Buraydah, Saudi Arabia

2 College of Computer Science and Information Technology, Jazan University, Jazan, Saudi Arabia.

Abstract

Digital forensics is a process of uncovering and exploring evidence from digital content. A growth in digital data in recent years has made it challenging for forensic investigators to uncover useful information. Moreover, the applied use of cloud computing has increased significantly in past few years and has introduced new challenges to forensic experts. Cloud forensics assist organizations who exercise due diligence and comply with the requirements related to sensitive information protection, maintain the records required for audits, and notify concerned parties when confidential information is compromised or exposed. One of the problems with cloud forensics is the limitation of cloud forensic models and guidelines. The aim of this project is to propose a new cloud forensic model that will help investigators and cloud service providers achieve digital forensic readiness within the cloud environment. To achieve this goal, we have studied and compared different
forensic process models to determine their limitations. Based on results of this comparative study, a new cloud forensic framework– Forensic-enabled Security as a Service (FESaaS) is presented. The security and forensic layers are aggregated to discover evidence in the proposed framework. Compared to other cloud forensic frameworks, our framework deals with live data, reports, and logs. Thus, it is sufficient and provides the capability for rapid response.

Keywords

Optional file type 1
[1] T Charles and M Pollock. Digital forensic investigations at universities in south africa. In 2015 Second International Conference on Information Security and Cyber Forensics (InfoSec), pages 53–58. IEEE, 2015.
[2] Tasleem Sulthana and Digambar Pawar. Digital forensic investigator for cloud computing environment. In Computer Communication, Networking and IoT, pages 53–61. Springer, 2021.
[3] Omi Aktera, Arnisha Aktherb, Md Ashraf Uddinc, and Md Manowarul Islamd. Cloud forensics: Challenges and blockchain based solutions. Journal of Modern Education and Computer Science, 10(8):1–12, 2020.
[4] James Baldwin, Omar MK Alhawi, Simone Shaughnessy, Alex Akinbi, and Ali Dehghantanha. Emerging from the cloud: A bibliometric analysis of cloud forensics studies. In Cyber threat intelligence, pages 311–331. Springer, 2018.
[5] George Sibiya, Thomas Fogwill, Hein S Venter, and Sipho Ngobeni. Digital forensic readiness in a cloud environment. In 2013 Africon, pages 1–5. IEEE, 2013.
[6] Victor Kebande and HS Venter. A functional architecture for cloud forensic readiness large-scale potential digital evidence analysis. In European Conference on Cyber Warfare and Security, page 373. Academic Conferences International Limited, 2015.
[7] Victor R Kebande and HS Venter. Cfraas: Architectural design of a cloud forensic readiness as-a-service model using nmb solution as a forensic agent. African Journal of Science, Technology, Innovation and Development, 11(6):749–769,2019.
[8] Victor R Kebande and Hein S Venter. A cloud forensic readiness model using a botnet as a service. In The international conference on digital security and forensics (DigitalSec2014), pages 23–32. The Society of Digital Information and Wireless Communication, 2014.
[9] Victor R Kebande and Hein S Venter. Adding event reconstruction to a cloud forensic readiness model. In 2015 Information Security for South Africa (ISSA), pages 1–9. IEEE, 2015.
[10] Brian Carrier and Eugene Spafford. An eventbased digital forensic investigation framework. Digital Investigation, 2004.
[11] Yi-Ching Liao and Hanno Langweg. Resourcebased event reconstruction of digital crime scenes. In 2014 IEEE Joint Intelligence and Security Informatics Conference, pages 129–136. IEEE, 2014.
[12] Ben Martini and Raymond Choo Kim-Kwang. An integrated conceptual digital forensic framework for cloud computing. Digital Investigation, 9(2):71–80, 2012.
[13] Ameer Pichan, Mihai Lazarescu, and Sie Teng Soh. Cloud forensics: Technical challenges, solutions and comparative analysis. Digital investigation, 13:38–57, 2015.
[14] Shams Zawoad and Ragib Hasan. Cloud forensics: a meta-study of challenges, approaches, and open problems. arXiv preprint arXiv:1302.6312, 1, 2013.
[15] Rodney McKemmish. What is forensic computing? Australian Institute of Criminology Canberra, 1999.
[16] JJ Shah and Latesh G Malik. An approach towards digital forensic framework for cloud. In 2014 IEEE International Advance Computing Conference (IACC), pages 798–801. IEEE, 2014.
[17] Darren Quick and Kim-Kwang Raymond Choo. Digital droplets: Microsoft skydrive forensic data remnants. Future Generation Computer Systems, 29(6):1378–1394, 2013.
[18] Amna Eleyan and Derar Eleyan. Forensic process as a service (fpaas) for cloud computing. In 2015 European Intelligence and Security Informatics Conference, pages 157–160. IEEE, 2015.
[19] Cornelia P Grobler and CP Louwrens. Digital forensic readiness as a component of information security best practice. In IFIP International Information Security Conference, pages 13–24. Springer, 2007.
[20] Barbara Endicott-Popovsky, Deborah A Frincke, and Carol A Taylor. A theoretical framework for organizational network forensic readiness. J. Comput., 2(3):1–11, 2007.
[21] George Sibiya, Hein S Venter, and Thomas Fogwill. Digital forensic framework for a cloud environment. pages 1–8, 2012.
[22] Yunting Lei and Yuyin Cui. Research on live forensics in cloud environment. In 2nd International Symposium on Computer, Communication, Control and Automation (3CA). Citeseer, 2013.
[23] Christopher Hargreaves and Jonathan Patterson. An automated timeline reconstruction approach for digital forensic investigations. Digital Investigation, 9:S69–S79, 2012.
[24] Robert Rowlingson et al. A ten step process for forensic readiness. International Journal of Digital Evidence, 2(3):1–28, 2004.
[25] Nasir Raza. Challenges to network forensics in cloud computing. In 2015 Conference on Information Assurance and Cyber Security (CIACS), pages 22–29. IEEE, 2015.
[26] Jooyoung Lee and Sungyong Un. Digital forensics as a service: A case study of forensic indexed search. In 2012 International Conference on ICT Convergence (ICTC), pages 499–503. IEEE, 2012.
[27] Vijay Varadharajan and Udaya Tupakula. Security as a service model for cloud environment. IEEE Transactions on network and Service management, 11(1):60–75, 2014.
[28] Karen Kent, Suzanne Chevalier, and Tim Grance. Guide to integrating forensic techniques into incident. Tech. Rep. 800-86, 10(14), 2006.
The ISC International Journal of Information Security
Volume 13, Issue 3
Special Issue
November 2021
Pages 49-57
Files
Share
How to cite
Statistics