Advertisement

Private Cloud Storage Forensics: Seafile as a Case Study

  • Yee-Yang Teing
  • Sajad Homayoun
  • Ali DehghantanhaEmail author
  • Kim-Kwang Raymond Choo
  • Reza M. Parizi
  • Mohammad Hammoudeh
  • Gregory Epiphaniou
Chapter

Abstract

Cloud storage forensics is an active research area, and this is unsurprising due to the increasing popularity of cloud storage services (e.g., Dropbox, Google Drive, and iCloud). Existing research generally focuses on public cloud forensics (e.g., client device forensics), rather than private cloud forensics (e.g., both client and server forensics). In this paper, we aim to address the gap by proposing a framework for forensics investigations of private cloud storage services. The proposed framework elaborates on procedures and artefact categories integral to the collection, preservation, analysis, and presentation of key evidential data from both client and server environments. Using the proposed framework to guide the investigation of Seafile, a popular open-source private cloud storage service, we demonstrate the types of client and server side artefacts that can be forensically recovered.

Keywords

Forensic science Digital forensics Cloud storage forensics Private cloud investigation Cloud server forensics Seafile forensics 

References

  1. 1.
    James Baldwin, Omar M. K. Alhawi, Simone Shaughnessy, Alex Akinbi, and Ali Dehghantanha. Emerging from the cloud: A bibliometric analysis of cloud forensics studies. In Advances in Information Security, pages 311–331. Springer International Publishing, 2018. doi: 10.1007/978-3-319-73951-9_16. URL https://doi.org/10.1007/978-3-319-73951-9_16.
  2. 2.
    Yee-Yang Teing, Ali Dehghantanha, and Kim-Kwang Raymond Choo. CloudMe forensics: A case of big data forensic investigation. Concurrency and Computation: Practice and Experience, 30 (5): e4277, jul 2017. doi: 10.1002/cpe.4277. URL https://doi.org/10.1002/cpe.4277.
  3. 3.
    Kim-Kwang Raymond Choo. Organised crime groups in cyberspace: a typology. Trends in Organized Crime, 11 (3): 270–295, Sep 2008. ISSN 1936-4830. doi: 10.1007/s12117-008-9038-9. URL https://doi.org/10.1007/s12117-008-9038-9.
  4. 4.
    Kim-Kwang Raymond Choo. Cloud computing: Challenges and future directions. http://www.aic.gov.au/publications/current Jan 2018. (Accessed on 01/02/2018).
  5. 5.
    Nurul Hidayah Ab Rahman and Kim-Kwang Raymond Choo. A survey of information security incident handling in the cloud. Computers & Security, 49: 45–69, mar 2015. doi: 10.1016/j.cose.2014.11.006. URL https://doi.org/10.1016/j.cose.2014.11.006.
  6. 6.
    Yee-Yang Teing, Ali Dehghantanha, Kim-Kwang Raymond Choo, and Laurence T Yang. Forensic investigation of p2p cloud storage services and backbone for IoT networks: BitTorrent sync as a case study. Computers & Electrical Engineering, 58: 350–363, feb 2017. doi: 10.1016/j.compeleceng.2016.08.020. URL https://doi.org/10.1016/j.compeleceng.2016.08.020.
  7. 7.
    Opeyemi Osanaiye, Haibin Cai, Kim-Kwang Raymond Choo, Ali Dehghantanha, Zheng Xu, and Mqhele Dlodlo. Ensemble-based multi-filter feature selection method for DDoS detection in cloud computing. EURASIP Journal on Wireless Communications and Networking, 2016 (1), may 2016. doi: 10.1186/s13638-016-0623-3. URL https://doi.org/10.1186/s13638-016-0623-3.
  8. 8.
    Alan Duke. 5 things to know about the celebrity nude photo hacking scandal, 2014. http://edition.cnn.com/2014/09/02/showbiz/hacked-nude-photos-five-things/, Jan 2018. (Accessed on 01/02/2018).
  9. 9.
    Opeyemi Osanaiye, Haibin Cai, Kim-Kwang Raymond Choo, Ali Dehghantanha, Zheng Xu, and Mqhele Dlodlo. Ensemble-based multi-filter feature selection method for DDoS detection in cloud computing. EURASIP Journal on Wireless Communications and Networking, 2016 (1), may 2016. doi: 10.1186/s13638-016-0623-3. URL https://doi.org/10.1186/s13638-016-0623-3.
  10. 10.
    Opeyemi Osanaiye, Kim-Kwang Raymond Choo, and Mqhele Dlodlo. Distributed denial of service (DDoS) resilience in cloud: Review and conceptual cloud DDoS mitigation framework. Journal of Network and Computer Applications, 67: 147–165, may 2016. doi: 10.1016/j.jnca.2016.01.001. URL https://doi.org/10.1016/j.jnca.2016.01.001.
  11. 11.
    Stuart Schechter David Molnar. Self hosting vs. cloud hosting: Accounting for the security impact of hosting in the cloud. http://research.microsoft.com/apps/pubs/default.aspx?id=132318, Jun 2010. (Accessed on 01/02/2018).
  12. 12.
    Amarnath Jasti, Payal Shah, Rajeev Nagaraj, and Ravi Pendse. Security in multi-tenancy cloud. In 44th Annual 2010 IEEE International Carnahan Conference on Security Technology. IEEE, oct 2010. doi: 10.1109/ccst.2010.5678682. URL https://doi.org/10.1109/ccst.2010.5678682.
  13. 13.
    R. Ko and R. Choo. The Cloud Security Ecosystem: Technical, Legal, Business and Management Issues. Elsevier Science, 2015. ISBN 9780128017807. URL https://books.google.com/books?id=meycBAAAQBAJ.
  14. 14.
    Olga Kharif Joseph Galante and Pavel Alpeyev. Sony network breach shows amazon cloud’s appeal for hackers. https://www.bloomberg.com/news/articles/2011-05-15/sony-attack-shows-amazon-s-cloud-service-lures-hackers-at-pennies-an-hour, May 2011. (Accessed on 01/02/2018).
  15. 15.
    Yee-Yang Teing, Ali Dehghantanha, Kim-Kwang Raymond Choo, Tooska Dargahi, and Mauro Conti. Forensic investigation of cooperative storage cloud service: Symform as a case study. Journal of Forensic Sciences, 62 (3): 641–654, nov 2016. doi: 10.1111/1556-4029.13271. URL https://doi.org/10.1111/1556-4029.13271.
  16. 16.
    Farid Daryabar, Ali Dehghantanha, and Kim-Kwang Raymond Choo. Cloud storage forensics: MEGA as a case study. Australian Journal of Forensic Sciences, 49 (3): 344–357, apr 2016. doi: 10.1080/00450618.2016.1153714. URL https://doi.org/10.1080/00450618.2016.1153714.
  17. 17.
    William R Claycomb and Alex Nicoll. Insider threats to cloud computing: Directions for new research challenges. In 2012 IEEE 36th Annual Computer Software and Applications Conference. IEEE, jul 2012. doi: 10.1109/compsac.2012.113. URL https://doi.org/10.1109/compsac.2012.113.
  18. 18.
    T. Dargahi, A. Dehghantanha, and M. Conti. Investigating storage as a service cloud platform. In Contemporary Digital Forensic Investigations of Cloud and Mobile Applications, pages 185–204. Elsevier, 2017. doi: 10.1016/b978-0-12-805303-4.00012-5. URL https://doi.org/10.1016/b978-0-12-805303-4.00012-5.
  19. 19.
    Ali Dehghantanha and Katrin Franke. Privacy-respecting digital investigation. In 2014 Twelfth Annual International Conference on Privacy, Security and Trust. IEEE, jul 2014. doi: 10.1109/pst.2014.6890932. URL https://doi.org/10.1109/pst.2014.6890932.
  20. 20.
    Kim-Kwang Raymond Choo and Rick Sarre. Balancing privacy with legitimate surveillance and lawful data access. IEEE Cloud Computing, 2 (4): 8–13, jul 2015. doi: 10.1109/mcc.2015.84. URL https://doi.org/10.1109/mcc.2015.84.
  21. 21.
    Surya Nepal, Rajiv Ranjan, and Kim-Kwang Raymond Choo. Trustworthy processing of healthcare big data in hybrid clouds. IEEE Cloud Computing, 2 (2): 78–84, mar 2015. doi: 10.1109/mcc.2015.36. URL https://doi.org/10.1109/mcc.2015.36.
  22. 22.
    Barton Gellman, Ashkan Soltani, and Andrea Peterson. How we know the nsa had access to internal google and yahoo cloud data. https://www.washingtonpost.com/news/the-switch/wp/2013/11/04/how-we-know-the-nsa-had-access-to-internal-google-and-yahoo-cloud-data/?noredirect=on&utm_term=.6933b51f8781, Nov 2013. (Accessed on 01/02/2018).
  23. 23.
    Rong Jiang, Rongxing Lu, and Kim-Kwang Raymond Choo. Achieving high performance and privacy-preserving query over encrypted multidimensional big metering data. Future Generation Computer Systems, 78: 392–401, jan 2018. doi: 10.1016/j.future.2016.05.005. URL https://doi.org/10.1016/j.future.2016.05.005.
  24. 24.
    Ximeng Liu, Robert H. Deng, Kim-Kwang Raymond Choo, and Jian Weng. An efficient privacy-preserving outsourced calculation toolkit with multiple keys. IEEE Transactions on Information Forensics and Security, 11 (11): 2401–2414, nov 2016. doi: 10.1109/tifs.2016.2573770. URL https://doi.org/10.1109/tifs.2016.2573770.
  25. 25.
    Ximeng Liu, Kim-Kwang Raymond Choo, Robert H. Deng, Rongxing Lu, and Jian Weng. Efficient and privacy-preserving outsourced calculation of rational numbers. IEEE Transactions on Dependable and Secure Computing, 15 (1): 27–39, jan 2018. doi: 10.1109/tdsc.2016.2536601. URL https://doi.org/10.1109/tdsc.2016.2536601.
  26. 26.
    Luciana Duranti and Corinne Rogers. Trust in digital records: An increasingly cloudy legal area. Computer Law & Security Review, 28 (5): 522–531, oct 2012. doi: 10.1016/j.clsr.2012.07.009. URL https://doi.org/10.1016/j.clsr.2012.07.009.
  27. 27.
    S.H. Mohtasebi, A. Dehghantanha, and K.-K.R. Choo. Cloud storage forensics. In Contemporary Digital Forensic Investigations of Cloud and Mobile Applications, pages 205–246. Elsevier, 2017. doi: 10.1016/b978-0-12-805303-4.00013-7. URL https://doi.org/10.1016/b978-0-12-805303-4.00013-7.
  28. 28.
    A. Dehghantanha and T. Dargahi. Residual cloud forensics. In Contemporary Digital Forensic Investigations of Cloud and Mobile Applications, pages 247–283. Elsevier, 2017. doi: 10.1016/b978-0-12-805303-4.00014-9. URL https://doi.org/10.1016/b978-0-12-805303-4.00014-9.
  29. 29.
    Ben Martini and Kim-Kwang Raymond Choo. Distributed filesystem forensics: XtreemFS as a case study. Digital Investigation, 11 (4): 295–313, dec 2014. doi: 10.1016/j.diin.2014.08.002. URL https://doi.org/10.1016/j.diin.2014.08.002.
  30. 30.
    Mohammad Shariati, Ali Dehghantanha, Ben Martini, and Kim-Kwang Raymond Choo. Ubuntu one investigation. In The Cloud Security Ecosystem, pages 429–446. Elsevier, 2015. doi: 10.1016/b978-0-12-801595-7.00019-7. URL https://doi.org/10.1016/b978-0-12-801595-7.00019-7.
  31. 31.
    Asou Aminnezhad, Ali Dehghantanha, Mohd Taufik Abdullah, and Mohsen Damshenas. Cloud forensics issues and opportunities. International Journal of Information Processing and Management, 4 (4): 76–85, jun 2013. doi: 10.4156/ijipm.vol4.issue4.9. URL https://doi.org/10.4156/ijipm.vol4.issue4.9.
  32. 32.
    Farid Daryabar and Ali Dehghantanha. A review on impacts of cloud computing and digital forensics. International Journal of Cyber-Security and Digital Forensics (IJCSDF), 2 (2), 2014.Google Scholar
  33. 33.
    M. Amine Chelihi, A. Elutilo, I. Ahmed, C. Papadopoulos, and A. Dehghantanha. An android cloud storage apps forensic taxonomy. In Contemporary Digital Forensic Investigations of Cloud and Mobile Applications, pages 285–305. Elsevier, 2017. doi: 10.1016/b978-0-12-805303-4.00015-0. URL https://doi.org/10.1016/b978-0-12-805303-4.00015-0.
  34. 34.
    Farid Daryabar, Ali Dehghantanha, Brett Eterovic-Soric, and Kim-Kwang Raymond Choo. Forensic investigation of OneDrive, box, GoogleDrive and dropbox applications on android and iOS devices. Australian Journal of Forensic Sciences, 48 (6): 615–642, mar 2016. doi: 10.1080/00450618.2015.1110620. URL https://doi.org/10.1080/00450618.2015.1110620.
  35. 35.
    Data model ⋅ seafile server manual. https://manual.seafile.com/develop/data_model.html, . (Accessed on 07/06/2018).
  36. 36.
    Fuse extension ⋅ seafile server manual. https://manual.seafile.com/extension/fuse.html, . (Accessed on 07/06/2018).
  37. 37.
    Seafile fsck ⋅ seafile server manual. https://manual.seafile.com/maintain/seafile_fsck.html, . (Accessed on 07/06/2018).
  38. 38.
    Farhood Norouzizadeh Dezfouli, Ali Dehghantanha, Brett Eterovic-Soric, and Kim-Kwang Raymond Choo. Investigating social networking applications on smartphones detecting facebook, twitter, LinkedIn and google+ artefacts on android and iOS platforms. Australian Journal of Forensic Sciences, 48 (4): 469–488, aug 2015. doi: 10.1080/00450618.2015.1066854. URL https://doi.org/10.1080/00450618.2015.1066854.
  39. 39.
    Yee-Yang Teing, Ali Dehghantanha, Kim-Kwang Raymond Choo, Zaiton Muda, Mohd Taufik Abdullah, and Wee-Chiat Chai. A closer look at syncany windows and ubuntu clients’ residual artefacts. In Lecture Notes in Computer Science, pages 342–357. Springer International Publishing, 2016. doi: 10.1007/978-3-319-49145-5_34. URL https://doi.org/10.1007/978-3-319-49145-5_34.
  40. 40.
    Mohammad Shariati, Ali Dehghantanha, and Kim-Kwang Raymond Choo. SugarSync forensic analysis. Australian Journal of Forensic Sciences, 48 (1): 95–117, apr 2015. doi: 10.1080/00450618.2015.1021379. URL https://doi.org/10.1080/00450618.2015.1021379.
  41. 41.
    Ben Blakeley, Chris Cooney, Ali Dehghantanha, and Rob Aspin. Cloud storage forensic: hubiC as a case-study. In 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom). IEEE, nov 2015. doi: 10.1109/cloudcom.2015.24. URL https://doi.org/10.1109/cloudcom.2015.24.
  42. 42.
    M. Petraityte, A. Dehghantanha, and G. Epiphaniou. Mobile phone forensics. In Contemporary Digital Forensic Investigations of Cloud and Mobile Applications, pages 79–89. Elsevier, 2017. doi: 10.1016/b978-0-12-805303-4.00006-x. URL https://doi.org/10.1016/b978-0-12-805303-4.00006-x.
  43. 43.
    Ali Dehghantanha and Katrin Franke. Privacy-respecting digital investigation. In 2014 Twelfth Annual International Conference on Privacy, Security and Trust. IEEE, jul 2014. doi: 10.1109/pst.2014.6890932. URL https://doi.org/10.1109/pst.2014.6890932.
  44. 44.
    James Gill, Ihechi Okere, Hamed HaddadPajouh, and Ali Dehghantanha. Mobile forensics: A bibliometric analysis. In Advances in Information Security, pages 297–310. Springer International Publishing, 2018. doi: 10.1007/978-3-319-73951-9_15. URL https://doi.org/10.1007/978-3-319-73951-9_15.
  45. 45.
    Mohsen Damshenas, Ali Dehghantanha, Ramlan Mahmoud, and Solahuddin bin Shamsuddin. Forensics investigation challenges in cloud computing environments. In Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec). IEEE, jun 2012. doi: 10.1109/cybersec.2012.6246092. URL https://doi.org/10.1109/cybersec.2012.6246092.
  46. 46.
    Darren Quick, Ben Martini, and Kim-Kwang Raymond Choo. Cloud Storage Forensics. Elsevier, 2014. doi: 10.1016/c2013-0-09718-6. URL https://doi.org/10.1016/c2013-0-09718-6.
  47. 47.
    Ben Martini and Kim-Kwang Raymond Choo. Cloud forensic technical challenges and solutions: A snapshot. IEEE Cloud Computing, 1 (4): 20–25, nov 2014. doi: 10.1109/mcc.2014.69. URL https://doi.org/10.1109/mcc.2014.69.
  48. 48.
    Keyun Ruan, Joe Carthy, Tahar Kechadi, and Mark Crosbie. Cloud forensics. In Advances in Digital Forensics VII, pages 35–46. Springer Berlin Heidelberg, 2011. doi: 10.1007/978-3-642-24212-0_3. URL https://doi.org/10.1007/978-3-642-24212-0_3.
  49. 49.
    Dominik Birk and Christoph Wegener. Technical issues of forensic investigations in cloud computing environments. In 2011 Sixth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering. IEEE, may 2011. doi: 10.1109/sadfe.2011.17. URL https://doi.org/10.1109/sadfe.2011.17.
  50. 50.
    Stephen O’Shaughnessy and Anthony Keane. Impact of cloud computing on digital forensic investigations. In Advances in Digital Forensics IX, pages 291–303. Springer Berlin Heidelberg, 2013. doi: 10.1007/978-3-642-41148-9_20. URL https://doi.org/10.1007/978-3-642-41148-9_20.
  51. 51.
    Christopher Hooper, Ben Martini, and Kim-Kwang Raymond Choo. Cloud computing and its implications for cybercrime investigations in australia. Computer Law & Security Review, 29 (2): 152–163, apr 2013. doi: 10.1016/j.clsr.2013.01.006. URL https://doi.org/10.1016/j.clsr.2013.01.006.
  52. 52.
    Stavros Simou, Christos Kalloniatis, Evangelia Kavakli, and Stefanos Gritzalis. Cloud forensics: Identifying the major issues and challenges. In Matthias Jarke, John Mylopoulos, Christoph Quix, Colette Rolland, Yannis Manolopoulos, Haralambos Mouratidis, and Jennifer Horkoff, editors, Advanced Information Systems Engineering, pages 271–284, Cham, 2014. Springer International Publishing. ISBN 978-3-319-07881-6.Google Scholar
  53. 53.
    Mohsen Damshenas, Ali Dehghantanha, and Ramlan Mahmoud. A survey on digital forensics trends. International Journal of Cyber-Security and Digital Forensics (IJCSDF), 3: 209–234, 2014.Google Scholar
  54. 54.
    Darren Quick and Kim-Kwang Raymond Choo. Impacts of increasing volume of digital forensic data: A survey and future research challenges. Digital Investigation, 11 (4): 273–294, dec 2014. doi: 10.1016/j.diin.2014.09.002. URL https://doi.org/10.1016/j.diin.2014.09.002.
  55. 55.
    Darren Quick and Kim-Kwang Raymond Choo. Data reduction and data mining framework for digital forensic evidence: Storage, intelligence, review and archive. Trends & Issues in Crime and Criminal Justice, 480: 1–11, 2014.Google Scholar
  56. 56.
    Lingjun Zhao, Lajiao Chen, Rajiv Ranjan, Kim-Kwang Raymond Choo, and Jijun He. Geographical information system parallelization for spatial big data processing: a review. Cluster Computing, 19 (1): 139–152, Mar 2016. ISSN 1573-7543. doi: 10.1007/s10586-015-0512-2. URL https://doi.org/10.1007/s10586-015-0512-2.
  57. 57.
    Darren Quick and Kim-Kwang Raymond Choo. Big forensic data reduction: digital forensic images and electronic evidence. Cluster Computing, 19 (2): 723–740, Jun 2016. ISSN 1573-7543. doi: 10.1007/s10586-016-0553-1. URL https://doi.org/10.1007/s10586-016-0553-1.
  58. 58.
    Yanjiang Yang, Haiyan Zhu, Haibing Lu, Jian Weng, Youcheng Zhang, and Kim-Kwang Raymond Choo. Cloud based data sharing with fine-grained proxy re-encryption. Pervasive and Mobile Computing, 28: 122–134, jun 2016. doi: 10.1016/j.pmcj.2015.06.017. URL https://doi.org/10.1016/j.pmcj.2015.06.017.
  59. 59.
    Ben Martini and Kim-Kwang Raymond Choo. An integrated conceptual digital forensic framework for cloud computing. Digital Investigation, 9 (2): 71–80, nov 2012. doi: 10.1016/j.diin.2012.07.001. URL https://doi.org/10.1016/j.diin.2012.07.001.
  60. 60.
    Raffael Marty. Cloud application logging for forensics. In Proceedings of the 2011 ACM Symposium on Applied Computing - SAC 11. ACM Press, 2011. doi: 10.1145/1982185.1982226. URL https://doi.org/10.1145/1982185.1982226.
  61. 61.
    Shams Zawoad and Ragib Hasan. Cloud forensics: A meta-study of challenges, approaches, and open problems. CoRR, abs/1302.6312, 2013. URL http://arxiv.org/abs/1302.6312.
  62. 62.
    Josiah Dykstra and Alan T. Sherman. Design and implementation of FROST: Digital forensic tools for the OpenStack cloud computing platform. Digital Investigation, 10: S87–S95, aug 2013. doi: 10.1016/j.diin.2013.06.010. URL https://doi.org/10.1016/j.diin.2013.06.010.
  63. 63.
    Tobias Gebhardt and Hans P. Reiser. Network forensics for cloud computing. In Distributed Applications and Interoperable Systems, pages 29–42. Springer Berlin Heidelberg, 2013. doi: 10.1007/978-3-642-38541-4_3. URL https://doi.org/10.1007/978-3-642-38541-4_3.
  64. 64.
    Shams Zawoad, Amit Kumar Dutta, and Ragib Hasan. SecLaaS. In Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security - ASIA CCS 13. ACM Press, 2013. doi: 10.1145/2484313.2484342. URL https://doi.org/10.1145/2484313.2484342.
  65. 65.
    Ben Martini and Kim-Kwang Raymond Choo. Remote programmatic vCloud forensics: A six-step collection process and a proof of concept. In 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications. IEEE, sep 2014. doi: 10.1109/trustcom.2014.124. URL https://doi.org/10.1109/trustcom.2014.124.
  66. 66.
    Josiah Dykstra and Alan T. Sherman. Acquiring forensic evidence from infrastructure-as-a-service cloud computing: Exploring and evaluating tools, trust, and techniques. Digital Investigation, 9: S90–S98, aug 2012. doi: 10.1016/j.diin.2012.05.001. URL https://doi.org/10.1016/j.diin.2012.05.001.
  67. 67.
    Neha Thethi and Anthony Keane. Digital forensics investigations in the cloud. In 2014 IEEE International Advance Computing Conference (IACC). IEEE, feb 2014. doi: 10.1109/iadcc.2014.6779543. URL https://doi.org/10.1109/iadcc.2014.6779543.
  68. 68.
    Hyunji Chung, Jungheum Park, Sangjin Lee, and Cheulhoon Kang. Digital forensic investigation of cloud storage services. Digital Investigation, 9 (2): 81–95, nov 2012. doi: 10.1016/j.diin.2012.05.015. URL https://doi.org/10.1016/j.diin.2012.05.015.
  69. 69.
    Darren Quick and Kim-Kwang Raymond Choo. Dropbox analysis: Data remnants on user machines. Digital Investigation, 10 (1): 3–18, jun 2013. doi: 10.1016/j.diin.2013.02.003. URL https://doi.org/10.1016/j.diin.2013.02.003.
  70. 70.
    Darren Quick and Kim-Kwang Raymond Choo. Google drive: Forensic analysis of data remnants. Journal of Network and Computer Applications, 40: 179–193, apr 2014. doi: 10.1016/j.jnca.2013.09.016. URL https://doi.org/10.1016/j.jnca.2013.09.016.
  71. 71.
    Darren Quick and Kim-Kwang Raymond Choo. Digital droplets: Microsoft SkyDrive forensic data remnants. Future Generation Computer Systems, 29 (6): 1378–1394, aug 2013. doi: 10.1016/j.future.2013.02.001. URL https://doi.org/10.1016/j.future.2013.02.001.
  72. 72.
    Jason S. Hale. Amazon cloud drive forensic analysis. Digital Investigation, 10 (3): 259–265, oct 2013. doi: 10.1016/j.diin.2013.04.006. URL https://doi.org/10.1016/j.diin.2013.04.006.
  73. 73.
    Jason Farina, Mark Scanlon, and M-Tahar Kechadi. BitTorrent sync: First impressions and digital forensic implications. Digital Investigation, 11: S77–S86, may 2014. doi: 10.1016/j.diin.2014.03.010. URL https://doi.org/10.1016/j.diin.2014.03.010.
  74. 74.
    Ben Martini and Kim-Kwang Raymond Choo. Cloud storage forensics: ownCloud as a case study. Digital Investigation, 10 (4): 287–299, dec 2013. doi: 10.1016/j.diin.2013.08.005. URL https://doi.org/10.1016/j.diin.2013.08.005.
  75. 75.
    Ben Martini, Quang Do, and Kim-Kwang Raymond Choo. Mobile cloud forensics. In The Cloud Security Ecosystem, pages 309–345. Elsevier, 2015. doi: 10.1016/b978-0-12-801595-7.00015-x. URL https://doi.org/10.1016/b978-0-12-801595-7.00015-x.
  76. 76.
    Farhood Norouzizadeh Dezfouli, Ali Dehghantanha, Ramlan Mahmoud, Nor Fazlida Binti Mohd Sani, and Solahuddin bin Shamsuddin. Volatile memory acquisition using backup for forensic investigation. In Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec). IEEE, jun 2012. doi: 10.1109/cybersec.2012.6246108. URL https://doi.org/10.1109/cybersec.2012.6246108.
  77. 77.
    Teing Yee Yang, Ali Dehghantanha, Kim-Kwang Raymond Choo, and Zaiton Muda. Windows instant messaging app forensics: Facebook and skype as case studies. PLOS ONE, 11 (3): e0150300, mar 2016. doi: 10.1371/journal.pone.0150300. URL https://doi.org/10.1371/journal.pone.0150300.
  78. 78.
    Darren Quick and Kim-Kwang Raymond Choo. Forensic collection of cloud storage data: Does the act of collection result in changes to the data or its metadata? Digital Investigation, 10 (3): 266–277, oct 2013. doi: 10.1016/j.diin.2013.07.001. URL https://doi.org/10.1016/j.diin.2013.07.001.
  79. 79.
    Ben Martini, Quang Do, and Kim-Kwang Raymond Choo. Mobile cloud forensics: An analysis of seven popular android apps. CoRR, abs/1506.05533, 2015. URL http://arxiv.org/abs/1506.05533.
  80. 80.
    Karen Kent, Suzanne Chevalier, Timothy Grance, and Hung Dang. Sp 800-86. guide to integrating forensic techniques into incident response. Technical report, NIST, Gaithersburg, MD, United States, 2006.Google Scholar
  81. 81.
    Rodney McKemmish. What is forensic computing?, 1999. URL https://aic.gov.au/file/5923/download?token=KpelECkP.
  82. 82.
    Mark Scanlon, Jason Farina, and M-Tahar Kechadi. BitTorrent sync: Network investigation methodology. In 2014 Ninth International Conference on Availability, Reliability and Security. IEEE, sep 2014. doi: 10.1109/ares.2014.11. URL https://doi.org/10.1109/ares.2014.11.
  83. 83.
    Mark Scanlon, Jason Farina, Nhien-An Le-Khac, and M. Tahar Kechadi. Leveraging decentralization to extend the digital evidence acquisition window: Case study on bittorrent sync. CoRR, abs/1409.8486, 2014. URL http://arxiv.org/abs/1409.8486.
  84. 84.
    Quang Do, Ben Martini, and Kim-Kwang Raymond Choo. A forensically sound adversary model for mobile devices. PLOS ONE, 10 (9): e0138449, sep 2015. doi: 10.1371/journal.pone.0138449. URL https://doi.org/10.1371/journal.pone.0138449.
  85. 85.
    Quang Do, Ben Martini, and Kim-Kwang Raymond Choo. Is the data on your wearable device secure? an android wear smartwatch case study. Software: Practice and Experience, 47 (3): 391–403, may 2016. doi: 10.1002/spe.2414. URL https://doi.org/10.1002/spe.2414.
  86. 86.
    Nurul Hidayah Ab Rahman, Niken Dwi Wahyu Cahyani, and Kim-Kwang Raymond Choo. Cloud incident handling and forensic-by-design: cloud storage as a case study. Concurrency and Computation: Practice and Experience, 29 (14): e3868, may 2016. doi: 10.1002/cpe.3868. URL https://doi.org/10.1002/cpe.3868.
  87. 87.
    Brian Carrier. Open source digital forensics tools: The legal argument, 2002.Google Scholar
  88. 88.
    Home. https://accessdata.com/. (Accessed on 07/06/2018).
  89. 89.
    Niken Dwi Wahyu Cahyani, Ben Martini, and Kim-Kwang Raymond Choo. Using multimedia presentations to enhance the judiciary’s technical understanding of digital forensic concepts: An indonesian case study. In 2016 49th Hawaii International Conference on System Sciences (HICSS). IEEE, jan 2016. doi: 10.1109/hicss.2016.695. URL https://doi.org/10.1109/hicss.2016.695.
  90. 90.
    Niken Dwi Wahyu Cahyani, Ben Martini, Kim-Kwang Raymond Choo, and AKBP Muhammad Nuh Al-Azhar. Forensic data acquisition from cloud-of-things devices: windows smartphones as a case study. Concurrency and Computation: Practice and Experience, 29 (14): e3855, may 2016. doi: 10.1002/cpe.3855. URL https://doi.org/10.1002/cpe.3855.
  91. 91.
    Niken Dwi Wahyu Cahyani, Ben Martini, and Kim-Kwang Raymond Choo. Using multimedia presentations to enhance the judiciary’s technical understanding of digital forensic concepts: An indonesian case study. In 2016 49th Hawaii International Conference on System Sciences (HICSS). IEEE, jan 2016. doi: 10.1109/hicss.2016.695. URL https://doi.org/10.1109/hicss.2016.695.
  92. 92.
    Niken Dwi Wahyu Cahyani, Ben Martini, and Kim-Kwang Raymond Choo. Effectiveness of multimedia presentations in improving understanding of technical terminologies and concepts: a pilot study. Australian Journal of Forensic Sciences, 49 (1): 106–122, jan 2016. doi: 10.1080/00450618.2015.1128968. URL https://doi.org/10.1080/00450618.2015.1128968.
  93. 93.
    Seafile - open source file sync and share software. https://www.seafile.com/en/home/. (Accessed on 07/06/2018).
  94. 94.
    Introduction ⋅ seafile server manual. https://manual.seafile.com/. (Accessed on 07/06/2018).
  95. 95.
    Security features ⋅ seafile server manual. https://manual.seafile.com/security/security_features.html. (Accessed on 07/06/2018).
  96. 96.
    Seafile components ⋅ seafile server manual. https://manual.seafile.com/overview/components.html. (Accessed on 07/06/2018).
  97. 97.
    Backup and recovery ⋅ seafile server manual. https://manual.seafile.com/maintain/backup_recovery.html. (Accessed on 07/06/2018).
  98. 98.
    Dongsong Zhang and Boonlit Adipat. Challenges, methodologies, and issues in the usability testing of mobile applications. International Journal of Human-Computer Interaction, 18 (3): 293–308, jul 2005. doi: 10.1207/s15327590ijhc1803_3. URL https://doi.org/10.1207/s15327590ijhc1803_3.
  99. 99.
    Does ccnet/mykey.peer need to be backed up? ⋅ issue #1044 ⋅ haiwen/seafile. https://github.com/haiwen/seafile/issues/1044. (Accessed on 07/06/2018).
  100. 100.
    Webbrowserpassview - recover lost passwords stored in your web browser. http://www.nirsoft.net/utils/web_browser_password.html. (Accessed on 07/06/2018).
  101. 101.
    Sync algorithm ⋅ seafile server manual. https://manual.seafile.com/develop/sync_algorithm.html. (Accessed on 07/06/2018).
  102. 102.
    Web api ⋅ seafile server manual. https://manual.seafile.com/develop/web_api.html#get-library-history. (Accessed on 07/06/2018).
  103. 103.
    Web api ⋅ seafile server manual. https://manual.seafile.com/develop/web_api.html. (Accessed on 07/06/2018).
  104. 104.
    Web api v2.1 ⋅ seafile server manual. https://manual.seafile.com/develop/web_api_v2.1.html. (Accessed on 07/06/2018).
  105. 105.
    Python api ⋅ seafile server manual. https://manual.seafile.com/develop/python_api.html. (Accessed on 07/06/2018).
  106. 106.
    rene-s/seafile-php-sdk: This is a php package for accessing seafile web api. https://github.com/rene-s/Seafile-PHP-SDK. (Accessed on 07/06/2018).
  107. 107.
    Nginx docs — configuring logging. https://docs.nginx.com/nginx/admin-guide/monitoring/logging/. (Accessed on 07/06/2018).
  108. 108.
    Help center - seafile. https://www.seafile.com/en/help/history_setting/. (Accessed on 07/06/2018).
  109. 109.
    Migrate seafile from windows to linux ⋅ seafile server manual. https://manual.seafile.com/deploy_windows/migrate_from_win_to_linux.html. (Accessed on 07/06/2018).

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Yee-Yang Teing
    • 1
  • Sajad Homayoun
    • 2
  • Ali Dehghantanha
    • 3
    Email author
  • Kim-Kwang Raymond Choo
    • 4
  • Reza M. Parizi
    • 5
  • Mohammad Hammoudeh
    • 6
  • Gregory Epiphaniou
    • 7
  1. 1.Faculty of Computer Science and Information TechnologyUniversity Putra MalaysiaSeri KembanganMalaysia
  2. 2.Department of Computer Engineering and Information TechnologyShiraz University of TechnologyShirazIran
  3. 3.Cyber Science Lab, School of Computer ScienceUniversity of GuelphGuelphCanada
  4. 4.Department of Information Systems and Cyber SecurityUniversity of Texas at San AntonioSan AntonioUSA
  5. 5.Department of Software Engineering and Game DevelopmentKennesaw State UniversityMariettaUSA
  6. 6.School of Computing, Mathematics and Digital TechnologyManchester Metropolitan UniversityManchesterUK
  7. 7.Wolverhampton Cyber Research Institute (WCRI), School of Mathematics and Computer ScienceUniversity of WolverhamptonWolverhamptonUK

Personalised recommendations