In recent times, cybercrime investigation in cloud computing poses complex challenges due to virtualization, volatile data, deleted data, and dynamic and distributing nature of cloud computing. Performing cybercrime investigation in cloud environment is called Cloud Forensics. With the intention of overcoming these challenges, this paper introduces a Cloud Forensics investigation model (CFIM) that can help to investigate cybercrimes in the cloud in forensically sound and timely fashion. The proposed model is an intelligent system that is able to take a snapshot periodically for each virtual machine running in the cloud, sends it automatically to trusted center server (TCS) that is responsible for monitoring and recording the status of the virtual machine and finally, sends it to the forensic server (FS) to perform forensic analysis. This model can increase probability of tracking attackers, determining weaknesses of virtual machines for future use, and also can support in the process of extraction and collection of digital evidence.
- Cloud computing
- Digital forensics
- Cloud forensics
- Digital evidence and cybercrimes
This is a preview of subscription content, access via your institution.
Tax calculation will be finalised at checkout
Purchases are for personal use onlyLearn about institutional subscriptions
Mell P, Grance T (2011) “The NIST definition of cloud computing.” 20–23
McKemmish R (1999) What is forensic computing? Australian Institute of Criminology, Canberra
Ruan K et al (2011) Cloud forensics. Advances in digital forensics VII. Springer, Berlin, pp 35–46
Ruan K et al (2013) Cloud forensics definitions and critical criteria for cloud forensic capability: an overview of survey results. Digit Invest 10(1):34–43
Rani DR, Geethakumari G (2015) An efficient approach to forensic investigation in cloud using VM snapshots. In: IEEE international conference on pervasive computing (ICPC)
Dykstra J, Sherman A (2012) Acquiring forensic evidence from infrastructure-as-a-service cloud computing: exploring and evaluating tools, trust, and techniques. In: DoD Cyber Crime Conference
Simou S et al (2015) A meta-model for assisting a cloud forensics process. Risks and security of Internet and systems. Springer, Berlin, pp 177–187
Povar D, Geethakumari G (2014) A heuristic model for performing digital forensics in cloud computing environment. Security in computing and communications. Springer, Berlin, pp 341–352
Zawoad S, Hasan R, Skjellum A (2015) OCF: an open cloud forensics model for reliable digital forensics. In: 2015 IEEE 8th international conference on cloud computing (CLOUD). IEEE
El-Din Hemdan E, Manjaiah DH (2015) Exploring digital forensic investigation issues for cyber crimes in cloud computing environment. In: Proceeding of international conference on computer communication and networks (i3CN), on 8th May 2015
We acknowledge the support of the Indian Council for Cultural Relations (ICCR) under the Africa Scholarship Scheme and the executive program between Arab Republic of Egypt and India.
Editors and Affiliations
© 2018 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Hemdan, E.ED., Manjaiah, D.H. (2018). CFIM: Toward Building New Cloud Forensics Investigation Model. In: Saini, H., Singh, R., Reddy, K. (eds) Innovations in Electronics and Communication Engineering . Lecture Notes in Networks and Systems, vol 7. Springer, Singapore. https://doi.org/10.1007/978-981-10-3812-9_56
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-3811-2
Online ISBN: 978-981-10-3812-9