Digital forensics cloud log unification: Implementing CADF in Apache CloudStack
| dc.contributor.author | Dalezios, N | |
| dc.contributor.author | Shiaeles, S | |
| dc.contributor.author | Kolokotronis, N | |
| dc.contributor.author | Ghita, B | |
| dc.date.accessioned | 2020-10-26T19:24:06Z | |
| dc.date.available | 2020-10-26T19:24:06Z | |
| dc.date.issued | 2020-10 | |
| dc.identifier.issn | 2214-2126 | |
| dc.identifier.issn | 2214-2134 | |
| dc.identifier.other | 102555 | |
| dc.identifier.uri | http://hdl.handle.net/10026.1/16600 | |
| dc.description.abstract |
Cloud computing is an important step in our era, delivering many advantages in business and our daily life. However, as every new technology, various challenges are brought into light with one of them being the misuse of Cloud computing environments for criminal activities. As such, Cloud service providers have to establish adequate forensic capabilities in order to support forensics investigations in the event of illegal activities in the cloud. In order to help forensics investigations, this paper deals with log format unification in cloud platforms using Distributed Management Task Force's (DMTF) Cloud Auditing Data Federation (CADF) standard. CADF event logging is utilised in the widely used OpenStack, and we have modified the Apache CloudStack platform to become forensically sound. Furthermore, we investigated the existing CloudStack platform along with the proposed CADF event model implemented, with regards to the principles of the Association of Chief Police Officers (ACPO) on handling digital evidence. The results are provided in this paper as well as an automated parsing tool/CADF event consumer, named C.Lo.D, which is freely available and can be downloaded from Github. | |
| dc.format.extent | 102555-102555 | |
| dc.language | en | |
| dc.language.iso | en | |
| dc.publisher | Elsevier BV | |
| dc.subject | Cloud computing | |
| dc.subject | Computer crime | |
| dc.subject | Forensics | |
| dc.subject | Cloud Auditing Data Federation | |
| dc.subject | CADF | |
| dc.subject | CloudStack | |
| dc.title | Digital forensics cloud log unification: Implementing CADF in Apache CloudStack | |
| dc.type | journal-article | |
| dc.type | Journal Article | |
| plymouth.author-url | https://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=PARTNER_APP&SrcAuth=LinksAMR&KeyUT=WOS:000572992000002&DestLinkType=FullRecord&DestApp=ALL_WOS&UsrCustomerID=11bb513d99f797142bcfeffcc58ea008 | |
| plymouth.volume | 54 | |
| plymouth.publication-status | Published | |
| plymouth.journal | Journal of Information Security and Applications | |
| dc.identifier.doi | 10.1016/j.jisa.2020.102555 | |
| plymouth.organisational-group | /Plymouth | |
| plymouth.organisational-group | /Plymouth/Faculty of Science and Engineering | |
| plymouth.organisational-group | /Plymouth/Faculty of Science and Engineering/School of Engineering, Computing and Mathematics | |
| plymouth.organisational-group | /Plymouth/REF 2021 Researchers by UoA | |
| plymouth.organisational-group | /Plymouth/REF 2021 Researchers by UoA/UoA11 Computer Science and Informatics | |
| plymouth.organisational-group | /Plymouth/Users by role | |
| plymouth.organisational-group | /Plymouth/Users by role/Academics | |
| dc.identifier.eissn | 2214-2134 | |
| dc.rights.embargoperiod | Not known | |
| rioxxterms.versionofrecord | 10.1016/j.jisa.2020.102555 | |
| rioxxterms.licenseref.uri | http://www.rioxx.net/licenses/all-rights-reserved | |
| rioxxterms.type | Journal Article/Review |
Files in this item
This item appears in the following Collection(s)
Related items
Showing items related by title, author, creator and subject.
-
Establishing end-to-end supply chain visibility by collaborating through a cloud-based system – Exploratory findings from a Delphi method
(2013)Background: Supply chain visibility in the apparel industry has increased significantly due to the globalisation, shorter life-cycles, strong seasonality of sales, and competitive pressure. Most supply chains are composed ... -
EXTRACTION OF MESOSCALE CLOUD MOTION VECTORS FROM METEOSAT PDUS DATA
(1988)A Meteosat PDUS system has been designed around a 68000 Unix based minicomputer. Principle units designed in-house are the Low Noise Amplifier, a VHF telemetry receiver, an SPL data decoder and a real-time computer ... -
Quality of Experience Framework for Cloud Computing (QoC)
(Institute of Electrical and Electronics Engineers (IEEE), 2018)Cloud computing provides platform for pay-per-use services, such as software, hardware, and platforms. Previous cloud frameworks use fix policies that do not have the functionality to upgrade services on demand when the ...
