American Journal of Networks and Communications

| Peer-Reviewed |

Forensics and Digital Criminal Investigation Challenges in Cloud Computing and Virtualization

Received: May 15, 2019    Accepted: Jun. 17, 2019    Published: Jul. 09, 2019
Views:       Downloads:

Share This Article

Abstract

I'll address the fundamentals of Cloud Computing and Virtualization. The types of cloud computing deployment models and their relationship with the responsibility of the users are developed. The fundamentals of digital criminal investigation applied to Cloud Computing are discussed, and the most significant challenges are presented to criminal investigation and forensic sciences in this type and digital environment. The implications of Virtualization used in Cloud Computing in Criminal Investigation and Forensic Science are discussed. The paradigm case of Nested Virtualization technology is presented as an obstacle to Criminal investigation and forensic investigation. In cases of criminal investigations in traditional environments, it is common practice for computer expertise to turn off the equipment and make a copy of the disks that will be analysed later in the laboratory. This is unfeasible in a cloud computing environment, due to the large storage capacity, legal issues, geographic distribution and data control, which may vary depending on the model of service contracted. In addition, lack of physical access to data collection and lack of control over the system make information acquisition a challenging task for cloud expertise. Therefore, forensic computing has been restructured, bringing new techniques, solutions and research methods, giving rise to cloud forensics or expertise in the cloud. Thus, the so-called Forensic as a Service (FaaS) is dedicated to solving the security challenges inherent in the cloud environment. In this paper we will analyse some of these challenges.

DOI 10.11648/j.ajnc.20190801.13
Published in American Journal of Networks and Communications ( Volume 8, Issue 1, June 2019 )
Page(s) 23-31
Creative Commons

This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited.

Copyright

Copyright © The Author(s), 2024. Published by Science Publishing Group

Keywords

Digital Forensic Science, Virtualization, Cloud Computing, Digital Criminal Investigation

References
[1] P. R. Brandão, “Cloud Computing: Fundamentals,” International Journal of Computer Science and Technology, vol. 2, 31 03 2018.
[2] P. R. Brandão, “Computer Forensics in Cloud Computing Systems,” Budapest International Research in Exact Sciences, vol. 1, Nr. 1, 02 02 2019.
[3] NIST, "NIST Cloud Computing Forensic Science Challenges (Draft NISTIR 8006): 2014," NIST, EUA, 2014.
[4] R. K., Cloud Forensics, Springer, 2011.
[5] D. M., "Forensics investigation challenges in cloud computing environments.," in International Conference on Cyber Security. Cyber Warfare and Digital Forensics, IEEE, 2012.
[6] G. H., "Forensics investigations in cloud environments," in International Conference on Computer Science and Information Processing, IEEE, 2012.
[7] H. B., “Security challenges for IaaS cloud computing,” in 44th Hawaii International Conference on System Sciences, Hawaii, 2012.
[8] B. D., “Technical issues of forensics investigations in cloud computing environments,” in Sixth International Workshop on Systematic Approaches to Digital Forensic Engineering, Oakland, 2011.
[9] A. Fahdi, “Challenges to digital forensics,” in Information Security for South Africa, Johannesburg, 2013.
[10] G. G., “The Challenges of Cloud Computing,” Digital Forensics, pp. 28-48, 2012.
[11] McKemmish, “What is Forensic Computing,” Australian Institute of Criminology, 1999.
[12] S. Stravos, “Cloud Forensics,” in Advanced Information technology Laboratory, Springer, 2014, pp. 271-284.
[13] Z. S., “Cloud Forensics,” in 3th International Conference on Emerging Intelligence data and Web Technologies, 2012.
[14] P. R. Brandão, “Virtualização: Fundamentals,” Kriativ-tech, vol. 1, Nr. 6, 2018.
[15] D. Bem, “Computer Forensics Analysis in a Virtual Environment,” International Journal of Digital Evidence, vol. 6, Nr. 2, 2007.
[16] Q. L., “An In-VM Measuring Framework for Increasing Virtual Machine Security in Clouds,” Security & Privacy. IEEE, vol. 8, Nr. 6, pp. 56-62, 2010.
[17] A. Gavrilovska, "Abstract High-Performance Hypervisor," HPVCVirt 2007, Portugal, 2007.
[18] Vaughan-Nichols, “New Approach to Virtualization Is a Lightweight,” Computer, pp. 12-14, November 2006.
[19] Y. Zhang, “Research on the Technology of Secure Computer Forensics,” in Intelligent Information Technology and Security Informatics, 2010.
[20] K. Nance, “Investigating the Implications of Virtual Machines Introspection for Digital Forensics,” in International Conference on Availability, Reliability, and Security, 2009.
[21] W. Lam, "You are here: Home / NESTED VIRTUALIZATION," Virtually Ghetto, [Online]. Available: https://www.virtuallyghetto.com/nested-virtualization. [Accessed in 10-05-2019].
[22] S. Cooley, “Run Hyper-V in a Virtual Machine with Nested Virtualization,” Microsoft, [Online]. Available: https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/user-guide/nested-virtualization. [Accessed in 10-05-2019].
[23] B. Lee, “How to set up Hyper-V Nested Virtualization in Windows Server 2016,” Vembu, [Online]. Available: https://www.vembu.com/blog/setting-hyper-v-nested-virtualization-windows-server-2016/. [accessed in 10-05-2019].
[24] E. Wright, “A QUICK GUIDE TO NESTED VIRTUALIZATION,” Turbonomic, [Online]. Available: https://blog.turbonomic.com/blog/on-technology/a-quick-guide-to-nested-virtualization. [accessed in 10-05-2019].
Cite This Article
  • APA Style

    Pedro Ramos Brandao. (2019). Forensics and Digital Criminal Investigation Challenges in Cloud Computing and Virtualization. American Journal of Networks and Communications, 8(1), 23-31. https://doi.org/10.11648/j.ajnc.20190801.13

    Copy | Download

    ACS Style

    Pedro Ramos Brandao. Forensics and Digital Criminal Investigation Challenges in Cloud Computing and Virtualization. Am. J. Netw. Commun. 2019, 8(1), 23-31. doi: 10.11648/j.ajnc.20190801.13

    Copy | Download

    AMA Style

    Pedro Ramos Brandao. Forensics and Digital Criminal Investigation Challenges in Cloud Computing and Virtualization. Am J Netw Commun. 2019;8(1):23-31. doi: 10.11648/j.ajnc.20190801.13

    Copy | Download

  • @article{10.11648/j.ajnc.20190801.13,
      author = {Pedro Ramos Brandao},
      title = {Forensics and Digital Criminal Investigation Challenges in Cloud Computing and Virtualization},
      journal = {American Journal of Networks and Communications},
      volume = {8},
      number = {1},
      pages = {23-31},
      doi = {10.11648/j.ajnc.20190801.13},
      url = {https://doi.org/10.11648/j.ajnc.20190801.13},
      eprint = {https://download.sciencepg.com/pdf/10.11648.j.ajnc.20190801.13},
      abstract = {I'll address the fundamentals of Cloud Computing and Virtualization. The types of cloud computing deployment models and their relationship with the responsibility of the users are developed. The fundamentals of digital criminal investigation applied to Cloud Computing are discussed, and the most significant challenges are presented to criminal investigation and forensic sciences in this type and digital environment. The implications of Virtualization used in Cloud Computing in Criminal Investigation and Forensic Science are discussed. The paradigm case of Nested Virtualization technology is presented as an obstacle to Criminal investigation and forensic investigation. In cases of criminal investigations in traditional environments, it is common practice for computer expertise to turn off the equipment and make a copy of the disks that will be analysed later in the laboratory. This is unfeasible in a cloud computing environment, due to the large storage capacity, legal issues, geographic distribution and data control, which may vary depending on the model of service contracted. In addition, lack of physical access to data collection and lack of control over the system make information acquisition a challenging task for cloud expertise. Therefore, forensic computing has been restructured, bringing new techniques, solutions and research methods, giving rise to cloud forensics or expertise in the cloud. Thus, the so-called Forensic as a Service (FaaS) is dedicated to solving the security challenges inherent in the cloud environment. In this paper we will analyse some of these challenges.},
     year = {2019}
    }
    

    Copy | Download

  • TY  - JOUR
    T1  - Forensics and Digital Criminal Investigation Challenges in Cloud Computing and Virtualization
    AU  - Pedro Ramos Brandao
    Y1  - 2019/07/09
    PY  - 2019
    N1  - https://doi.org/10.11648/j.ajnc.20190801.13
    DO  - 10.11648/j.ajnc.20190801.13
    T2  - American Journal of Networks and Communications
    JF  - American Journal of Networks and Communications
    JO  - American Journal of Networks and Communications
    SP  - 23
    EP  - 31
    PB  - Science Publishing Group
    SN  - 2326-8964
    UR  - https://doi.org/10.11648/j.ajnc.20190801.13
    AB  - I'll address the fundamentals of Cloud Computing and Virtualization. The types of cloud computing deployment models and their relationship with the responsibility of the users are developed. The fundamentals of digital criminal investigation applied to Cloud Computing are discussed, and the most significant challenges are presented to criminal investigation and forensic sciences in this type and digital environment. The implications of Virtualization used in Cloud Computing in Criminal Investigation and Forensic Science are discussed. The paradigm case of Nested Virtualization technology is presented as an obstacle to Criminal investigation and forensic investigation. In cases of criminal investigations in traditional environments, it is common practice for computer expertise to turn off the equipment and make a copy of the disks that will be analysed later in the laboratory. This is unfeasible in a cloud computing environment, due to the large storage capacity, legal issues, geographic distribution and data control, which may vary depending on the model of service contracted. In addition, lack of physical access to data collection and lack of control over the system make information acquisition a challenging task for cloud expertise. Therefore, forensic computing has been restructured, bringing new techniques, solutions and research methods, giving rise to cloud forensics or expertise in the cloud. Thus, the so-called Forensic as a Service (FaaS) is dedicated to solving the security challenges inherent in the cloud environment. In this paper we will analyse some of these challenges.
    VL  - 8
    IS  - 1
    ER  - 

    Copy | Download

Author Information
  • Interdisciplinary Centre for History, Cultures, and Societies, Evora University, Evora, Portugal

  • Section