Multi-Level and Mutual Log Integrity Preservation Approach for Cloud Forensics using Public Key Infrastructure
Keywords:
Cloud Security, Cloud Forensics, Evidence Integrity, Log Analysis, Public KeyAbstract
The increasing growth of cloud computing makes the forensic investigation complex. It is very significant to collect and preserve the admissible evidences of different actions happened in the cloud environment in spite of collusion problem. The forensic investigation of logs poses a great challenge to make sure that the investigated logs are not tampered and consistent. Various integrity preservation methods are developed to secure the trustworthy evidences of cloud, but storing the logs of user actions and to ensure the trustworthiness with respect to forensic investigation still result a challenging issue in cloud. Hence, an effective multi-level and mutual log integrity preservation method is developed to assure the integrity of log evidence using public key infrastructure. The integrity preservation mechanism is modelled by employing the security mechanisms, such as hashing, encryption, decryption, and walsh transform. The communication between the entities is achieved by generating the keys using the hashing and encryption function with the concatenation operator. However, the public key and the random number is used to generate the message that can be exchanged between the cloud entities. The investigation process is done by the investigator for transferring the encrypted log file to the server. The proposed method achieved higher performance by considering the 500 number of cloud users in terms of detection rate, memory, and time with the values of 0.9828, 2185 bytes, and 7287 ms, respectively.
References
Reilly D., Wren C. and Berry T., “Cloud computing: Forensic challenges for law enforcement”, IEEE International Conference for Internet Technology and Secured Transactions, pp. 1-7, November 2010.
RightScale R., “State of the cloud report”, 2015.
Tian J. and Jing X., “Cloud data integrity verification scheme for associated tags”, Computers & Security, pp.101847, 2020.
Ashok Kumar C., Vimala R., "Load Balancing in Cloud Environment Exploiting Hybridization of Chicken Swarm and Enhanced Raven Roosting Optimization Algorithm", Multimedia Research, vol.3, no.1, pp. 45-55, 2020.
Huang P., Fan K., Yang H., Zhang K., Li H. and Yang Y., “A Collaborative Auditing Blockchain for Trustworthy Data Integrity in Cloud Storage System”, IEEE Access, vol. 8, pp. 94780-94794, 2020.
Pichan A., Lazarescu M. and Soh S.T., “Towards a practical cloud forensics logging framework”, Journal of Information Security and Applications, vol. 42, pp. 18-28, 2018.
Balduzzi M., Zaddach J., Balzarotti D., Kirda E. and Loureiro S., “A security analysis of amazon`s elastic compute cloud service”, In Proceedings of the 27th Annual ACM Symposium on Applied Computing, pp. 1427-1434, March 2012.
Subashini S. and Kavitha V., “A survey on security issues in service delivery models of cloud computing”, Journal of Network and Computer Applications, vol. 34, no. 1, pp. 1-11, 2011.
Zawoad S. and Hasan R., “Towards building proofs of past data possession in cloud forensics”, ASE Science Journal, vol. 1, no. 4, pp. 195-207, 2012.
Birk D. and Wegener C., “Technical issues of forensic investigations in cloud computing environments”, In Sixth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering, pp. 1-10, May 2011.
Grispos G., Storer T. and Glisson W.B., “Calm before the storm: The challenges of cloud computing in digital forensics”, International Journal of Digital Crime and Forensics (IJDCF), vol. 4, no. 2, pp. 28-48, 2012.
Lokhande P. and Mane V., “Log based privacy preservation in cloud forensic”, 3rd International Conference on Electrical, Electronics, Engineering Trends, Communication, Optimization and Sciences (EEECOS 2016), Tadepalligudem, 2016, pp. 1-6, doi: 10.1049/cp.2016.1513.
Zawoad S., Dutta A.K. and Hasan R., “Towards building forensics enabled cloud through secure logging-as-a-service”, IEEE Transactions on Dependable and Secure Computing, vol. 13, no. 2, pp. 148-162, 2015.
Goodin D., “Amazon cloud hosts nasty banking Trojan”, The Register, 2011.
Zamani M., Safkhani M., Daneshpour N. and Abbasian A., “A New Searchable Encryption Scheme with Integrity Preservation Property”, Wireless Personal Communications, pp. 1-24, 2020.
Jain P., “Decentralize Log File Storage and Integrity Preservation using Blockchain”, International Journal of Computer Science and Information Technologies, vol. 11, no. 2, pp. 21-30, 2020,
Jayaraman I. and Panneerselvam A.S., “A novel privacy preserving digital forensic readiness provable data possession technique for health care data in cloud”, Journal of Ambient Intelligence and Humanized Computing, pp.1-14, 2020.
Dykstra, Josiah. "Seizing Electronic Evidence from Cloud Computing Environments." In Cloud Technology: Concepts, Methodologies, Tools, and Applications, IGI Global, Hershey, PA, pp. 2033-2062, 2015.
Bellare, M. and Yee, B., “Forward-security in private-key cryptography”, In Cryptographers’ Track at the RSA Conference, Springer, Berlin, Heidelberg, pp. 1-18, April 2003.
Garg, N., Bawa, S. and Kumar, N., “An efficient data integrity auditing protocol for cloud computing”, Future Generation Computer Systems, 2020.
Devagnanam J, Elango N M, "Optimal Resource Allocation of Cluster using Hybrid Grey Wolf and Cuckoo Search Algorithm in Cloud Computing", Journal of Networking and Communication Systems, vol.3, no.1, pp. 31-40, 2020.
Birk, D. and Wegener, C., “Technical issues of forensic investigations in cloud computing environments”, In Sixth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering, pp. 1-10, May 2011.
Holt, J.E., “Logcrypt: forward security and public verification for secure audit logs”, In ACM international conference proceeding series, vol. 167, pp. 203-211, January 2006.
Ma, D. and Tsudik, G., “A new approach to secure logging”, ACM Transactions on Storage (TOS), vol. 5, no. 1, pp. 1-21, 2009.
Vhatkar Kapil Netaji, Bhole G P, "Optimal Container Resource Allocation Using Hybrid SA-MFO Algorithm in Cloud Architecture", Multimedia Research, vol.3, no.1, pp. 11-20, 2020.
Rane, S., Wagh, S. and Dixit, A., “Securing Trustworthy Evidences for Robust Forensic Cloud in Spite of Multi-stakeholder Collusion Problem”, In International Conference on Hybrid Intelligent Systems, Springer, Cham, pp. 376-386, December 2019.
Singh, K.D., Sharma, A., Singh, S., Singh, V. and Rane, S., “Integrity and confidentiality preservation in cloud”, In IEEE International conference of Electronics, Communication and Aerospace Technology (ICECA), vol. 2, pp. 419-424, April 2017.
Dalezios, N., Shiaeles, S., Kolokotronis, N. and Ghita, B., “Digital forensics cloud log unification: Implementing CADF in Apache CloudStack”, Journal of Information Security and Applications, vol. 54, pp. 102555, 2020.
Khan, M.N.A. and Ullah, S., “A log aggregation forensic analysis framework for cloud computing environments”, Computer Fraud & Security, no. 7, pp. 11-16, 2017.
Patidar, M. and Bansal, P., “Log-Based Approach for Security Implementation in Cloud CRM’s”, In Data, Engineering and Applications, Springer, Singapore, pp. 33-43, 2019.
Downloads
Published
How to Cite
Issue
Section
License
This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors contributing to this journal agree to publish their articles under the Creative Commons Attribution 4.0 International License, allowing third parties to share their work (copy, distribute, transmit) and to adapt it, under the condition that the authors are given credit and that in the event of reuse or distribution, the terms of this license are made clear.
