Analyzing Data Remnant Remains on User Devices to Determine Probative Artifacts in Cloud Environment
Cloud storage service allows users to store their data online, so that they can remotely access, maintain, manage, and back up data from anywhere via the Internet. Although helpful, this storage creates a challenge to digital forensic investigators and practitioners in collecting, identifying, acqui...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Blackwell Publishing Inc.
2018
|
| Subjects: | |
| Online Access: | http://umpir.ump.edu.my/id/eprint/20097/2/Final%20Draft.pdf http://umpir.ump.edu.my/id/eprint/20097/ https://doi.org/10.1111/1556-4029.13506 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Universiti Malaysia Pahang |
| Language: | English |
| Summary: | Cloud storage service allows users to store their data online, so that they can remotely access, maintain, manage, and back up data from anywhere via the Internet. Although helpful, this storage creates a challenge to digital forensic investigators and practitioners in collecting, identifying, acquiring, and preserving
evidential data. This study proposes an investigation scheme for analyzing data remnants and determining probative artifacts in a cloud environment. Using pCloud as a case study, this research collected the data remnants available on end-user device storage following the storing, uploading, and accessing of data in the cloud storage. Data remnants are collected from several sources, including client software files, directory listing, prefetch, registry, network PCAP, browser, and memory and link files. Results demonstrate that the collected remnants data is beneficial in determining a sufficient number of artifacts about the investigated cyber crime. |
|---|