Enhanced forensic process model in cloud environment
Digital forensics practitioners have used conventional digital forensics process models to investigate cloud security incidents. Presently, there is a lack of an agreed upon or a standard process model in cloud forensics. Besides, literature has shown that there is an explicit need for consumers to...
محفوظ في:
| المؤلف الرئيسي: | |
|---|---|
| التنسيق: | أطروحة |
| اللغة: | English |
| منشور في: |
2018
|
| الموضوعات: | |
| الوصول للمادة أونلاين: | http://eprints.utm.my/id/eprint/98251/1/AhmedNourMoussaPSC2018.pdf |
| الوسوم: |
إضافة وسم
لا توجد وسوم, كن أول من يضع وسما على هذه التسجيلة!
|
| id |
my-utm-ep.98251 |
|---|---|
| record_format |
uketd_dc |
| spelling |
my-utm-ep.982512022-11-23T08:21:34Z Enhanced forensic process model in cloud environment 2018 Moussa, Ahmed Nour H Social Sciences (General) QA75 Electronic computers. Computer science Digital forensics practitioners have used conventional digital forensics process models to investigate cloud security incidents. Presently, there is a lack of an agreed upon or a standard process model in cloud forensics. Besides, literature has shown that there is an explicit need for consumers to collect evidence for due-diligence or legal reasons. Furthermore, a consumer oriented cloud forensics process model is yet to be found in the literature. This has created a lack of consumer preparedness for cloud incident investigations and dependency on providers for evidence collection. This research addressed these limitations by developing a cloud forensic process model. A design science research methodology was employed to develop the model. A set of requirements believed to be solutions for the challenges reported in three survey papers were applied in this research. These requirements were mapped to existing cloud forensic process models to further explicate the weaknesses. A set of process models suitable for the extraction of necessary processes was selected based on the requirements, and these selected models constituted the cloud forensic process model. The processes were consolidated and the model was proposed to alleviate dependency on the provider problem. In this model, three digital forensic types including forensic readiness, live forensics and postmortem forensic investigations were considered. Besides, a Cloud-Forensic-as-a-Service model that produces evidence trusted by both consumers and providers through a conflict resolution protocol was also designed. To evaluate the utility and usability of the model, a plausible case scenario was investigated. For validation purposes, the cloud forensic process model together with its implementation in the case scenario and set of requirements were presented to a group of experts for evaluation. Effectiveness of the requirements was rated positive by the experts. The findings of the research indicated that the model can be used for cloud investigation and is rated easy to be used and adopted by consumers. 2018 Thesis http://eprints.utm.my/id/eprint/98251/ http://eprints.utm.my/id/eprint/98251/1/AhmedNourMoussaPSC2018.pdf application/pdf en public http://dms.library.utm.my:8080/vital/access/manager/Repository/vital:141940 phd doctoral Universiti Teknologi Malaysia, Faculty of Engineering - School of Computing Faculty of Engineering - School of Computing |
| institution |
Universiti Teknologi Malaysia |
| collection |
UTM Institutional Repository |
| language |
English |
| topic |
H Social Sciences (General) H Social Sciences (General) |
| spellingShingle |
H Social Sciences (General) H Social Sciences (General) Moussa, Ahmed Nour Enhanced forensic process model in cloud environment |
| description |
Digital forensics practitioners have used conventional digital forensics process models to investigate cloud security incidents. Presently, there is a lack of an agreed upon or a standard process model in cloud forensics. Besides, literature has shown that there is an explicit need for consumers to collect evidence for due-diligence or legal reasons. Furthermore, a consumer oriented cloud forensics process model is yet to be found in the literature. This has created a lack of consumer preparedness for cloud incident investigations and dependency on providers for evidence collection. This research addressed these limitations by developing a cloud forensic process model. A design science research methodology was employed to develop the model. A set of requirements believed to be solutions for the challenges reported in three survey papers were applied in this research. These requirements were mapped to existing cloud forensic process models to further explicate the weaknesses. A set of process models suitable for the extraction of necessary processes was selected based on the requirements, and these selected models constituted the cloud forensic process model. The processes were consolidated and the model was proposed to alleviate dependency on the provider problem. In this model, three digital forensic types including forensic readiness, live forensics and postmortem forensic investigations were considered. Besides, a Cloud-Forensic-as-a-Service model that produces evidence trusted by both consumers and providers through a conflict resolution protocol was also designed. To evaluate the utility and usability of the model, a plausible case scenario was investigated. For validation purposes, the cloud forensic process model together with its implementation in the case scenario and set of requirements were presented to a group of experts for evaluation. Effectiveness of the requirements was rated positive by the experts. The findings of the research indicated that the model can be used for cloud investigation and is rated easy to be used and adopted by consumers. |
| format |
Thesis |
| qualification_name |
Doctor of Philosophy (PhD.) |
| qualification_level |
Doctorate |
| author |
Moussa, Ahmed Nour |
| author_facet |
Moussa, Ahmed Nour |
| author_sort |
Moussa, Ahmed Nour |
| title |
Enhanced forensic process model in cloud environment |
| title_short |
Enhanced forensic process model in cloud environment |
| title_full |
Enhanced forensic process model in cloud environment |
| title_fullStr |
Enhanced forensic process model in cloud environment |
| title_full_unstemmed |
Enhanced forensic process model in cloud environment |
| title_sort |
enhanced forensic process model in cloud environment |
| granting_institution |
Universiti Teknologi Malaysia, Faculty of Engineering - School of Computing |
| granting_department |
Faculty of Engineering - School of Computing |
| publishDate |
2018 |
| url |
http://eprints.utm.my/id/eprint/98251/1/AhmedNourMoussaPSC2018.pdf |
| _version_ |
1776100566446899200 |