Network Forensics for Cloud Computing - Distributed Applications and Interoperable Systems
Conference Papers Year : 2013

Network Forensics for Cloud Computing

Tobias Gebhardt
Hans P. Reiser

Abstract

Computer forensics involves the collection, analysis, and reporting of information about security incidents and computer-based criminal activity. Cloud computing causes new challenges for the forensics process. This paper addresses three challenges for network forensics in an Infrastructure-as-a-Service (IaaS) environment: First, network forensics needs a mechanism for analysing network traffic remotely in the cloud. This task is complicated by dynamic migration of virtual machines. Second, forensics needs to be targeted at the virtual resources of a specific cloud user. In a multi-tenancy environment, in which multiple cloud clients share physical resources, forensics must not infringe the privacy and security of other users. Third, forensic data should be processed directly in the cloud to avoid a costly transfer of huge amounts of data to external investigators. This paper presents a generic model for network forensics in the cloud and defines an architecture that addresses the above challenges. We validate this architecture with a prototype implementation based on the OpenNebula platform and the Xplico analysis tool.
Origin Files produced by the author(s)

Dates and versions

hal-01489462 , version 1 (14-03-2017)

Cite

Tobias Gebhardt, Hans P. Reiser. Network Forensics for Cloud Computing. 13th International Conference on Distributed Applications and Interoperable Systems (DAIS), Jun 2013, Florence, Italy. pp.29-42, ⟨10.1007/978-3-642-38541-4_3⟩. ⟨hal-01489462⟩