Customize

The Cloud

Discussion in 'General Discussion' started by Anonymous, Mar 3, 2013.

  1. Anonymous Member

    http://cryptome.org/2013/02/cloud-forensics.pdf

    a botnet attack on Amazon’s cloud infrastructure was reported in 2009 [6]. Besides attacking cloud infras- tructure, adversaries can use the cloud to launch attack on other systems. For example, an adversary can rent hundreds of virtual machines (VM) to launch a Distributed Denial of Service (DDoS) attack. After a successful attack, she can erase all the traces of the attack by turning off the VMs. A criminal can also keep her secret files (e.g., child pornography, terrorist documents) in cloud storage and can destroy all evidence from her local storage to remain clean. To investigate such crimes involving clouds, investigators have to carry out a digital forensic investigation in the cloud environment. This particular branch of forensic has become known as Cloud Forensics.



    http://cryptome.org/2013/02/cloud-forensics.pdf



    a botnet attack on Amazon’s cloud infrastructure was reported in 2009 [6]. Besides attacking cloud infras- tructure, adversaries can use the cloud to launch attack on other systems. For example, an adversary can rent hundreds of virtual machines (VM) to launch a Distributed Denial of Service (DDoS) attack. After a successful attack, she can erase all the traces of the attack by turning off the VMs. A criminal can also keep her secret files (e.g., child pornography, terrorist documents) in cloud storage and can destroy all evidence from her local storage to remain clean. To investigate such crimes involving clouds, investigators have to carry out a digital forensic investigation in the cloud environment. This particular branch of forensic has become known as Cloud Forensics.


    evidence can be available in three different states in cloud – at rest, in motion, and in execution [28]. Data that occupies the disk space is called data at rest. Data that can be transferred from one state to another state is referred to as data in motion. Sometimes, we have executable data, for example, image snapshot. We can load and run an image snapshot to get the data in rest and data in motion. In cloud forensics, data collection procedure also varies depending on the service and deployment model of clouds.
    • Like Like x 1
  2. Anonymous Member

    ^^^

    Cloud Forensics: A Meta-Study of Challenges, Approaches, and Open Problems
  3. Anonymous Member

    computer forensic is “an applied science to identify a incident, collection, examination, and analysis of evidence data”. In computer forensics, maintaining the integrity of the information and strict chain of custody for the data is mandatory. Several other researchers define computer forensic as the procedure of examining computer system to determine potential legal evidence
  4. Anonymous Member

    According to Birk, evidence can be available in three different states in cloud – at rest, in motion, and in execution [28]. Data that occupies the disk space is called data at rest. Data that can be transferred from one state to another state is referred to as data in motion. Sometimes, we have executable data, for example, image snapshot. We can load and run an image snapshot to get the data in rest and data in motion. In cloud forensics, data collection procedure also varies depending on the service and deployment model of clouds.



    Physical Inaccessibility.
    assume that we have physical access to the computers. However, in cloud forensics, the situation is different. Sometimes, we do not even know where the data is located as it is distributed among many hosts in multiple data centers. A number of researchers address this issue in their work [28], [29], [30], [3

    Less Control in Clouds and Dependence on the CSP.
    In traditional computer forensics, investigators have full control over the evidence (e.g., a hard drive confiscated by police). In a cloud, unfortunately, the control over data varies in different service mode

    .Volatile Data. Volatile data cannot sustain without power. When we turn off a Virtual Machine (VM), all the data will be lost if we do not have the image of the instanc

    Trust Issue. Dependence on the third party also poses trust issue in investigation procedure. In the child pornography case study, Dykstra et al. highlighted the trust issue in collecting evidence [29]. After issuing a search warrant, the examiner needs a technician of the cloud provider to collect data. However, the employee of the cloud provider who collects data is most likely not a licensed forensics investigator and it is not possible to guarantee his integrity in a court of law

    Large Bandwidth: In Section I, we have seen that the amount of digital evidence is increasing rapidly. Guo et al. pointed out the requirement of large bandwidth issue for time critical investigation

    Multi-tenancy. In cloud computing, multiple VM can share the same physical infrastructure, i.e., data for multiple customers may be co-located. we need to prove that data were not co- mingled with other users’ data [29], [30]. And secondly, we need to preserve the privacy of other tenants while performing an investigation

    E. Crime Scene Reconstruction
    To investigate a malicious activity, sometimes the in- vestigators need to reconstruct the crime scene. It helps them to understand how an adversary launched the attack. However, in cloud environment, that could be a problem [32]. If an adversary shut down her virtual instance after a malicious activity or undeploy his malicious website, then reconstruction of the crime scene will be impossible.
  5. Anonymous Member

  6. Anonymous Member

    Granny Cloud ^^
  7. Anonymous Member

    http://cryptome.org/2013/09/cloud-security-issues.pdf
    August 31, 2013
    Security Issues on Cloud Computing

    Caveat Emptor
    • Like Like x 1
  8. Anonymous Member

  9. Anonymous Member

  10. Anonymous Member

    Case in point-
    Security of cloud information
    http://www.ohsu.edu/xd/about/news_events/news/2013/07-28-ohsu-notifies-patients-o.cfm
  11. Anonymous Member

    Cloud computing user privacy in serious need of reform, scholars say


    http://news.illinois.edu/news/13/0611cloudsecurity_JayKesan.html
    • Like Like x 1
  12. Anonymous Member

    Hacking using the cloud

    BTW I didn't understand any of this except the cloud makes it easier
  13. Anonymous Member

  14. Anonymous Member

  15. Anonymous Member

    http://www.forbes.com/sites/tamlinm...ticizes-the-nsa-warns-of-cloud-balkanization/
    B
  16. Anonymous Member

    http://cryptome.org/2013/11/commune-shared-cloud.pdf

Share This Page

Customize Theme Colors

Close

Choose a color via Color picker or click the predefined style names!

Primary Color :

Secondary Color :
Predefined Skins