{"title":"A Digital Forensic Process Model for Cloud Computing","authors":"Sanghamitra De, M. S. Barik, I. Banerjee","doi":"10.1109/CALCON49167.2020.9106500","DOIUrl":null,"url":null,"abstract":"Existing digital forensic frameworks do not address issues relevant to cloud environment where multiple users could be generating events that may coalesce to or independently and in parallel result in a security incident. In this paper a forensic process model is proposed which considers possibility of multiple parallel event sequences that must be considered to achieve correctness in event reconstruction in digital forensic investigation. Towards this end, use of Event Sequence Graph (ESG) as a directed graph for outlining events and the sequences which they follow has been proposed by the authors. Two case studies of attack from multiple sources have been used as examples to explain the type of scenarios which could be easily understood using an ESG.","PeriodicalId":318478,"journal":{"name":"2020 IEEE Calcutta Conference (CALCON)","volume":"45 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2020-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2020 IEEE Calcutta Conference (CALCON)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CALCON49167.2020.9106500","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A Digital Forensic Process Model for Cloud Computing
Existing digital forensic frameworks do not address issues relevant to the cloud environment, where multiple users could be generating events that may coalesce to, or independently and in parallel result in, a security incident. In this paper, a forensic process model is proposed which considers the possibility of multiple parallel event sequences that must be considered to achieve correctness in event reconstruction in digital forensic investigation. Towards this end, the use of an Event Sequence Graph (ESG) as a directed graph for outlining events and the sequences which they follow has been proposed by the authors. Two case studies of attacks from multiple sources have been used as examples to explain the type of scenarios which could be easily understood using an ESG.