Cloud Forensics - Overview
Cloud Forensics involves resolving the difficult issues involved in conducting digital forensics investigations to cloud computing. The current work addresses interpretative audit analysis for the time-stamped hypervisor logs as basis of establishing ground truth forensic evidence, cloud risk assessment modeling, cloud insider threat detection, service level agreements, and privacy preserving auditing.
Cloud Forensics involves resolving the difficult issues involved in conducting digital forensics investigations to cloud computing. The current work addresses interpretative audit analysis for the time-stamped hypervisor logs as basis of establishing ground truth forensic evidence, cloud risk assessment modeling, cloud insider threat detection, service level agreements, and privacy preserving auditing.
Cloud Forensics - Publications
- Sean Thorpe, Indrajit Ray, Tyrone Grandison, Abbie Barbir. Robert France. “Hypervisor Event Logs as a Source of Consistent Virtual Machine Evidence for Forensic Cloud Investigations”. Proceedings of the 27th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSEC ’13), Rutgers University, Newark, NJ, USA, July 15-17, 2013
- Tyrone Grandison, Sean Thorpe, Leon Stenneth. "Supporting Privacy and Auditing in Cloud Computing Systems". IEEE 2013 First International Workshop on Cloud Security Auditing, Santa Clara, CA, USA, June 27 - July 2, 2013.
- Sean Thorpe, Tyrone Grandison, Arnett Campbell, Janet Williams, Khalilah Burrell, Indrajit Ray. "Towards a Forensic-based Service Oriented Architecture Framework for Auditing of Cloud Logs". IEEE 2013 Services Workshop on Security and Privacy Engineering (SPE2013), Santa Clara, CA, USA. June 2013.
- Sean Thorpe, Indrajit Ray, Tyrone Grandison, Abbie Barbir. "Virtual Machine Model History Framework for a Data Cloud Digital Investigation". The Journal of Convergence (JOC) , Volume 3 , Issue 4, December 2012.
- Sean Thorpe, Indrajit Ray, Tyrone Grandison, Abbie Barbir. "Formal Hash Compression Provenance Techniques For The Preservation Of The Virtual Machine Log Auditor Environment". The International Journal of Information Science and Computer Application (IJISCA), Vol 1, pp 1-10.
- Sean Thorpe, Indrajit Ray, Tyrone Grandison, Abbie Barbir. "Cloud Digital Investigations based on a Virtual Machine Computer History Model". The 6th International Symposium on Digital Forensics and Information Security (DFIS-12). Vancouver, Canada, 26-28 June 2012.
- Sean Thorpe, Tyrone Grandison, Indrajit Ray, Abbie Barbir. "Towards Enabling Behavioral Trust among Participating Cloud Forensic Data Center Agencies.” The 9th VLDB Workshop on Secure Data Management (SDM) 2012. Istanbul, Turkey. August 27, 2012.
- Sean Thorpe, Indrajit Ray, Tyrone Grandison, Abbie Barbir. "Cloud Log Forensics Metadata Analysis". The 2012 IEEE 36th International Conference on Computer Software and Applications (COMPSAC 2012). Izmir, Turkey 16-20 July 2012.
- Sean Thorpe, Tyrone Grandison, Indrajit Ray. "Cloud Computing Log Evidence Forensic Examination Analysis". Proceedings of the 2nd Cybercrime Security, and Digital Forensics Conference, London UK , May 14 -15, 2012.
- Sean Thorpe, Indrajit Ray, Tyrone Grandison. "Enforcing Data Quality Rules for a Synchronized VM Log Audit Environment using Transformation Mapping Techniques". The Proceedings of the 4th Intl Conference on Computational Intelligence in Security for Information Systems, Torremolinos, Malaga, Spain. June 8-10, 2011.
- Sean Thorpe, Indrajit Ray, Tyrone Grandison. "Use of Schema Associative Mapping for synchronization of the Virtual Machine Audit Logs". The Proceedings of the 4th International Conference on Computational Intelligence in Security for Information Systems, Torremolinos, Malaga, Spain. June 8-10, 2011.
- Sean Thorpe, Indrajit Ray, Tyrone Grandison. "A Synchronized Log Cloud Forensic Framework". Proceedings of the International Conference on Cybercrime, Security & Digital Forensics. Glasgow, UK. June, 2011.
- Sean Thorpe, Abbie Barbir, Indrakshi Ray, Tyrone W A Grandison, Indrajit Ray. "Formal Parameterization of Log Synchronization Events within a Distributed Forensic Compute Cloud Database Environment". The 3rd International ICST Conference on Digital Forensics & Cyber Crime (ICDF2C). Dublin, Ireland. Oct 26-28, 2011.
- Sean Thorpe, Indrajit Ray, Indrakshi Ray, Tyrone Grandison. "A Formal Temporal Log Data Model For The Global Synchronized Virtual Machine Environment". International Journal of Information Assurance and Security (JIAS), Volume 6, No 2. 2011.
- Sean Thorpe, Indrajit Ray, Tyrone Grandison, Abbie Barbir. "The Virtual Machine Log Auditor". Proceedings of the Information Assurance and Security Letters(IASL). ISSN 2150-7996 Volume 2 (2011) pp. 037-043.
- Sean Thorpe, Indrajit Ray, Indrakshi Ray, Tyrone Grandison, Abbie Barbir. "A Global Virtual Machine Attribute Access Control Policy for Auditing Federated Digital Identities within a Compute Cloud". International Journal of Information Assurance and Security (JIAS), Volume 6, No 2. 2011.
- Sean Thorpe, Indrajit Ray, Tyrone Grandison. "Enabling Security Uniformly Across Cloud Systems". ACM ASPLOS (Architectural Support for Programming Languages and Operating Systems) RESOLVE (Runtime Environments/Systems, Layering, and Virtualized Environments) Workshop. Newport Beach, California. March 5, 2011.