DocumentCode :
725884
Title :
Feasibility analysis for incorporating/deploying SIEM for forensics evidence collection in cloud environment
Author :
Irfan, Muhammad ; Abbas, Haider ; Iqbal, Waseem
Author_Institution :
Nat. Univ. of Sci. & Technol., Islamabad, Pakistan
fYear :
2015
fDate :
June 28 2015-July 1 2015
Firstpage :
15
Lastpage :
21
Abstract :
Cloud computing is an emerging field nowadays and it has truly revolutionized the domain of Information Technology. This domain is very large and not easy to handle, especially when it comes to forensics in a cloud environment, which is considered a very cumbersome process. This paper presents a feasibility analysis of performing digital forensics via a SIEM (Security Information and Event Management) system in a cloud environment. The research work mainly focuses on passive attacks, while some active attacks are also covered, and the forensic analysis is done while considering the service provider end. The preliminary analysis presented in this paper will provide a comprehensive overview of the various artifacts that may be considered for performing an in-depth forensic analysis in a cloud environment using a Security Information and Event Management system.
Keywords :
cloud computing; digital forensics; SIEM system; cloud computing; cloud environment; digital forensics evidence collection; feasibility analysis; forensics analysis; security information and event management system; Cloud computing; Computer crime; Digital forensics; Monitoring; Virtual machining; Cloud Forensics; Openstack; Security Information and Event Management; Ubuntu Enterprise Cloud;
fLanguage :
English
Publisher :
IEEE
Conference_Titel :
Computer and Information Science (ICIS), 2015 IEEE/ACIS 14th International Conference on
Conference_Location :
Las Vegas, NV
Type :
conf
DOI :
10.1109/ICIS.2015.7166563
Filename :
7166563
Link To Document :