LiveForen: Ensuring live forensic integrity in the cloud
To expedite the forensic investigation process in the cloud, excessive and yet volatile data need to be acquired, transmitted, and analyzed in a timely manner. A common assumption for most existing forensic systems is that credible data can always be collected from a cloud infrastructure, which migh...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2019
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/4410 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-5413 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-54132019-08-05T06:06:05Z LiveForen: Ensuring live forensic integrity in the cloud LIU, Anyi FU, Huirong HONG, Yuan LIU, Jigang LI, Yingjiu To expedite the forensic investigation process in the cloud, excessive and yet volatile data need to be acquired, transmitted, and analyzed in a timely manner. A common assumption for most existing forensic systems is that credible data can always be collected from a cloud infrastructure, which might be susceptible to various exploits. In this paper, we present the design, implementation, and evaluation of LiveForen, a system that enforces a trustworthy forensic data acquisition and transmission process in the cloud, whose computer platforms' integrity has been verified. To fulfill this objective, we propose two secure protocols that verify the fingerprints of the computer platforms, as well as the attributes of the human agents, by taking advantage of the trusted platform module and the attribute-based encryption. To transmit forensic data as a data stream and verify its integrity at the same time, a unique fragile watermark is embedded into the data stream without altering the data itself. The watermark allows not only the data integrity to be verified but also any malicious data manipulation to be localized, with minimum communication overhead. The experimental results demonstrate that LiveForen achieves good scalability and limited performance overhead for authentication, data transmission, and integrity verification in an Infrastructure-as-a-Service cloud environment. 2019-10-01T07:00:00Z text https://ink.library.smu.edu.sg/sis_research/4410 info:doi/10.1109/TIFS.2019.2898841 Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Attribute-based encryption Cybercrime Cybersecurity Fragile watermark Trusted computing Trusted platform module Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Attribute-based encryption Cybercrime Cybersecurity Fragile watermark Trusted computing Trusted platform module Information Security |
| spellingShingle |
Attribute-based encryption Cybercrime Cybersecurity Fragile watermark Trusted computing Trusted platform module Information Security LIU, Anyi FU, Huirong HONG, Yuan LIU, Jigang LI, Yingjiu LiveForen: Ensuring live forensic integrity in the cloud |
| description |
To expedite the forensic investigation process in the cloud, excessive and yet volatile data need to be acquired, transmitted, and analyzed in a timely manner. A common assumption for most existing forensic systems is that credible data can always be collected from a cloud infrastructure, which might be susceptible to various exploits. In this paper, we present the design, implementation, and evaluation of LiveForen, a system that enforces a trustworthy forensic data acquisition and transmission process in the cloud, whose computer platforms' integrity has been verified. To fulfill this objective, we propose two secure protocols that verify the fingerprints of the computer platforms, as well as the attributes of the human agents, by taking advantage of the trusted platform module and the attribute-based encryption. To transmit forensic data as a data stream and verify its integrity at the same time, a unique fragile watermark is embedded into the data stream without altering the data itself. The watermark allows not only the data integrity to be verified but also any malicious data manipulation to be localized, with minimum communication overhead. The experimental results demonstrate that LiveForen achieves good scalability and limited performance overhead for authentication, data transmission, and integrity verification in an Infrastructure-as-a-Service cloud environment. |
| format |
text |
| author |
LIU, Anyi FU, Huirong HONG, Yuan LIU, Jigang LI, Yingjiu |
| author_facet |
LIU, Anyi FU, Huirong HONG, Yuan LIU, Jigang LI, Yingjiu |
| author_sort |
LIU, Anyi |
| title |
LiveForen: Ensuring live forensic integrity in the cloud |
| title_short |
LiveForen: Ensuring live forensic integrity in the cloud |
| title_full |
LiveForen: Ensuring live forensic integrity in the cloud |
| title_fullStr |
LiveForen: Ensuring live forensic integrity in the cloud |
| title_full_unstemmed |
LiveForen: Ensuring live forensic integrity in the cloud |
| title_sort |
liveforen: ensuring live forensic integrity in the cloud |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2019 |
| url |
https://ink.library.smu.edu.sg/sis_research/4410 |
| _version_ |
1770574701254410240 |