International Journal of Innovative Technology and Exploring Engineering (IJITEE) ISSN: 2278-3075, Volume-8 Issue-8S3, June 2019
Abstract: Cloud computing is considered to be one of the most significant and influential topics in the field of computing sciences. With time, cloud computing has paved its way in almost every aspect of human life. With the significant hike in number of users and service provider in the cloud environment, attackers are also increasing malicious activities in this area. Due to criticality in the area of the cloud computing, it is necessary that cloud environment should be safe . The concept of Cloud forensics has been introduced to establish a well-defined forensic capability in cloud environment. Although a lot of work has been carried out in the area of cloud forensic challenges and solutions, but the research on its frameworks and methodologies is still to be explored. The major challenge lies in providing a framework for analysis of massive amounts of forensic data in limited period. As proposed by many researchers, one of the best solutions for such analysis is the use of machine learning methods. This paper provides the study on the methodological aspect of cloud forensic analysis using various machine learning approaches. It gives a critical review of existing cloud forensic methodologies making use of machine learning for investigation of security related incidents in cloud. Furthermore, it provides a comprehensive study and comparison of existing frameworks using machine learning for digital and cloud forensic analysis, their drawbacks and scope for novel future research directions in thisarea.
Index Terms: Cloud forensics, machine learning, cloud forensic methodologies, review, machine learning methodologies, cloud forensic solutions.
I. INTRODUCTION
Cloud computing is considered to be thenextgenerationof information technology framework.
Cloudcomputing gives a extensive repository ofreliableITcomponents that can be used on shared basissuchascomputingresources,networks,softwareanddataba ses.Customers are able to use virtualized resources inas
callable and elastic fashion through
cloudcomputingenvironment.Cloud computing is said to be defined as the group technologies and a means for providing the use of large scale Internet services for the remote applications with high quality of service[1]. Major benefits of cloud computing includes scalabiliy, elasticity, self serviceprovisioning,andperusepayetc.Cloudcomputingservice scanbepublic,community, hybrid and private.Service modelsofcloudcomputing offer application platform to be aservice(PaaS),infrastructuretobeaservice(IaaS)andsoftwareto beaservice (SaaS).
Revised Manuscript Received on December 22, 2018.
NanditaGoyal, ABES Engineering College, Ghaziabad
Kanika Gupta, ABES Engineering College, Ghaziabad.
Munesh Chandra,Chandra Trivedi Rajkiya Engineering College, Azamgarh.
Computing includes various security issues. The main reasonT forT theseT issuesT isT theT incorporationT ofT differentT technologiesT likeT operatingT systems,T resourceT scheduling,T networks,T virtualizationT etc.T ThisT resultsT inT applicabilityT ofT theT threatsT andT challengesT inT theseT technologiesT toT cloudT computingT also[3].T TheT networkT whichT interrelatesT theT systemsT inT aT cloudT hasT toT beT confidential.T Furthermore,T virtualizationT paradigmT shiftT inT cloudT computingT resultsT inT severalT securityT issues,T like,T mappingT theT virtualT machinesT toT theT physicalT machinesT hasT toT beT carriedT outT timely.T DataT securityT involvesT encryptionT ofT theT dataT asT wellT asT ensuringT thatT appropriateT rulesT areT enforcedT forT dataT sharing.T InT addition,T memoryT managementT andT resourceT allocationT algorithmsT haveT toT beT safe.
AsT aT numberT ofT serviceT providersT andT usersT areT gettingT addedT toT theT cloudT environment,T itT hasT becomeT aT importantT fieldT forT performingT maliciousT activitiesT forT financialT gainT byT attackers[2].T ItT isT aT significantT needT toT securelyT store,T analyzeT andT shareT complexT (e.g.,T semi-structuredT andT unstructured)T dataT whichT isT largeT inT volume.T BecauseT ofT theT criticalT natureT ofT theT applications,T itT isT importantT thatT cloudsT beT secure.T TheT majorT securityT challengeT withT cloudsT isT thatT theT ownerT ofT theT dataT mayT notT haveT controlT ofT whereT theT dataT isT placed.T ThisT isT becauseT ifT oneT wantsT toT exploitT theT benefitsT ofT usingT cloudT computing,T oneT mustT alsoT utilizeT theT resourceT allocationT andT schedulingT providedT byT cloudsT [5].T Therefore,T weT needT toT safeguardT theT dataT inT theT midstT ofT entrustedT processes.
SeveralT frameworksT ofT securityT areT beingT consideredT inT orderT toT solveT theT dangerT andT threatsT toT provideT securityT forT theT resourcesT soT thatT theT potentialT ofT cloudT computingT canT beT consideredT toT theT maximumT level.T InT spiteT ofT variousT securityT measuresT ifT anT attackT isT encounteredT thenT theT roleT ofT cloudT forensicsT comesT intoT existence.T CloudT forensicsT isT aT strategyT thatT providesT aT platformT toT investigateT andT analyzeT cloudT securityT threats.T CloudT forensicsT isT theT deploymentT ofT digitalT forensicsT inT cloudT computingT environmentT asT aT subsetT ofT cyberT andT networkT forensics.T CloudT forensicsT involvesT investigationT afterT theT attackT inT orderT toT knowT theT sourceT andT detectT maliciousT cloudT criminalsT associatedT withT theT attackT soT thatT theyT couldT beT punishedT inT aT justifiedT mannerT [4]T [6].
T Basically,T itT isT aT inter-disciplineT betweenT cloudT computingT andT digitalT forensics.T TheT majorT problemT liesT inT analysisT ofT eachT andT everyT localT hostT toT detectT maliciousT actors.T HereT comesT
theT roleT ofT machineT learningT inT analyzingT complexT dataT inT
Cloud Forensic Frameworks based on Machine
Learning Techniques
Cloud Forensic Frameworks based on Machine Learning Techniques
limitedtime.
TheT mainT objectiveT ofT thisT paperT isT toT presentT aT detailedT literatureT reviewT onT theT existingT frameworksT andT methodologiesT ofT cloudT forensicsT environment. ItcriticallyT reviewsT cloudT forensics’T existingT frameworksT thatT makeT useT ofT machineT learningT approachesT andT itT exploresT basedT onT aT detailedT reviewT ofT theT area,T majorT workT thatT hasT beenT carriedT outT inT theT areaT ofT cloudT forensicsT usingT machineT learning.
TheT paperT isT organizedT asT follows:T InT SectionT II,T relatedT workT onT currentT frameworksT andT methodologiesT inT cloudT forensicsT environment.T SectionT IIIT presentsT aT reviewT ofT existingT presentedT methodologiesT alongT withT variousT challenges.T SectionT IV,T discussesT theT proposedT systemT forT identificationT ofT maliciousT hostsT inT cloudT environmentT usingT machineT learningT approach.T Finally,T SectionVT concludesT theT paperT andT raisesT futureT researchdirection.
II.T RELATEDWORK
CloudT Forensics
CloudT computingT offersT benefitsT toT companiesT andT organizationsT asT itT leadsT toT improveT profitT marginsT inT businessT whileT controllingT theT costsT incurred.T WithT theT useT ofT cloudT computing,T companiesT areT ableT toT outsourceT requiredT servicesT whileT payingT moreT attentionT toT theirT coreT developmentT areas.T TheT CloudT serviceT ProvidersT (CSPs)T areT responsibleT forT providingT servicesT andT maintainingT infrastructureT afterT signingT contractsT withT theseT companies.T TheT variousT advantagesT ofT cloudT computingT includeT onT demandT self-service,T elasticity,T resourceT pooling,T efficiencyT etc.
ThereT areT threeT serviceT modelsT availableT inT cloudT computingT namely:T PaaST (PlatformT asT aT Service),T IaaST (InfrastructureT asT aT Service)T andT SaaST (SoftwareT asT aT Service).
PaaS:T AsT perT theT NIST'sT definitionT ofT cloudT computingT definesT PlatformT toT beT aT ServiceT as:[15]
ItT providesT abilityT toT theT customerT toT createT applicationsT usingT differentT toolsT andT programmingT languagesT andT makeT useT ofT librariesT withoutT controllingT theT deployedT infrastructure.
IaaS:T TheT NIST'sT definitionT ofT cloudT computingT [16]T describesT IaaST asT capabilityT toT customersT toT makeT useT ofT anyT softwareT orT infrastructureT evenT anT operatingT system.T WhileT usingT theT deployedT infrastructureT theT customerT isT freeT fromT theT responsibilityT ofT managingT orT controllingT theT cloudT infrastructure.
SaaS:T TheT NIST'sT definitionT ofT cloudT computingT definesT SoftwareT asT aT ServiceT [15]T as:ItT providesT abilityT toT runT applicationsT onT cloudT infrastructure.T TheT customersT canT accessT theseT applicationsT throughT theirT devicesT withoutT anyT requirementT toT manageT involvedT infrastructureT includingT operatingT systems,T storageT network,T servers,T orT evenT individualT applicationT capabilities,T withT theT possibleT exceptionT ofT limitedT user-specificT applicationT configurableT settings.CloudT computingT canT beT deployedT byT takingT oneT ofT theT fourT installationT models:T Private,T community,T publicT andT Hybrid.
PublicT cloudsT areT operatedT andT takenT byT third-partyT aT
cloudT serviceT provider,T whoT givesT theirT computingT resourcesT likeT serversT andT storageT overT theT netT community.T MicrosoftT AzureT isT anT exampleT ofT aT publicT cloud.T WithT aT publicT cloud,T allT softwareT computingT resourcesT andT otherT supportingT infrastructureT isT ownedT andT managedT byT theT cloudT subscriber.T UsersT canT takeT theT accessT ofT theseT servicesT andT manageT theT accountT usingT aT webT browser[7].
InT aT privateT cloudT computingT environmentT andT framework,T resourcesT areT usedT onlyT forT aT oneT businessT orT firm.T TheT physicalT siteT ofT aT privateT cloudT canT beT company’sT liveT datacenter.T SomeT companiesT alsoT deployT intermediateT providersT toT installT theirT ownT cloudT onT network.T InT aT privatelyT ownedT cloud,T theT infrastructureT andT servicesT areT settledT onT aT privateT network[8].
HybridT cloudsT areT mixedT combinationT ofT privatelyT andT publiclyT ownedT clouds.T TheyT allowT theT usersT toT takeT theT advantageT ofT bothT theT categoriesT whileT allowingT sharingT ofT dataT andT applicationsT betweenT them[9].T TheyT generallyT provideT greaterT flexibilityT withT aT numberT ofT optionsT forT deploymentT inT business.T ItT alsoT givesT optimizationT toT theT presentT infrastructureT alongT withT security.
AT communityT cloudT isT aT solutionT toT theT needsT ofT organizationsT andT individualsT whichT areT confinedT inT numberT TheseT areT managedT andT governedT byT anT intermediaryT organizationT orT serviceT provider.T [10]. Intoday’sscenarioasthenumberofCSPsandusersisgrowing,then umberofcloudcrimesisalsoincreasingontheT sameT pace.T HereT comesT theT roleT ofT cloudT forensics.
CloudT forensicsT isT theT applicationofforensicscienceT inT cloudT environment.T ItT isT theT postinvestigationthatisT carriedT outT afterT aT securityT attackhasT takenT placeT incloudenvironment.Itisasubdisciplineofdigitalforensicsbuthe reT theT investigationT isT moreT complexT duetovirtualization.ThereT areT manyT moreT issuesT likeT volumeT ofdata,multi-jurisdictionT andT lackT ofT forensicT toolsT etc.T thatT addT ontothiscomplexity.T TheT majorT phasesT ofT cloudforensicsinclude:T evidenceT identification,T collection,T preservation,T examination,interpretationT andT reportingT [11].
VariousT digitalT andT cloudT forensicsT methodologiesT haveT beenT developedT andT studiedT forT fulfillmentT ofT aboveT objectivesT butT rapidT advancesT inT cloudT computingT requireT developmentT ofT moreT sophisticatedT methodsT andT toolsT forT carryingT outT forensicT analysisT inT cloudT environment..
ExistingT MethodologiesT andT FrameworksT forT CloudT Forensics
InT thisT section,T weT presentT aT comprehensiveT reviewT onT latestT workT inT cloudT forensicsT methodologiesT thatT areT makingT useT ofT machineT learningT approaches.T TheT goalT ofT comparisonT isT toT addressT theT challengesT ofT existingT frameworksT byT assigningT themT inT proposedframework.
ShravanaT KumarT ChinnikattiT [13]T inT hisT reviewT discussedT theT useT ofT ArtificialT IntelligenceT inT supportingT digitalT forensics.T AIT algorithmsT canT beT usedT provideT fastT solutionsT toT supportT comprehensiveT andT writtenT basedcommunicationwithT evidencesT provedT withT statisticsT andT analysisT withoutT judicialT
International Journal of Innovative Technology and Exploring Engineering (IJITEE) ISSN: 2278-3075, Volume-8 Issue-8S3, June 2019
fromT differentT dataT sources.T InT thisT paper,T authorT alsoT emphasizesT thatT artificialT intelligenceT hasT aT well- established importance in forensic science.
Prerak Bhatt [14] et al. in his paper discusses the role of machine learning inT digitalT crimeT analysis.T TheT authorT hasT alsoT presentedT anT elaborateT discussionT onT stepsT forT settingT upT anT environmentT toT trainT artificialT neuralT networksT andT useT theT ANNsT toT investigateT andT analyzeT artifactsT forT forensicT investigation.
SuchanaT DuttaT [17]T etT al.T hasT proposedT aT modelT CloudT MaliciousT ActorT IdentifierT whichT focusesT onT legitimateT demandT ofT cloudT forensicT investigators.T ThisT modelT ranksT theT maliciousT actorT inT aT particularT crimeT sceneT onT basisT ofT probabilityT ofT beingT maliciousT whichT isT computedT usingT aT machineT learningT techniqueT calledT boosting.T ThisT modelT attemptsT toT reduceT theT overheadT ofT probingT eachT andT everyT IPT addressT duringT investigation.T ThisT modelT alsoT optimizeT theT investigationT process,T costT andtime.
J.T K.T AlhassanT [18]T etT al.T proposedT aT methodT calledT FuzzyT Classifier-basedT VulnerabilityT andT AssessmentT TestingT (FCVAPT)T toT protectT confidentialT informationT availableT onT webT applications.T InT thisT paper,T theT researchersT usedT XSST andT SQLT toT evaluateT theirT technique.T TheyT estimateT theT classificationT performanceT ofT theirT techniqueT inT termsT ofT MSE,T MAPE,T andT RMSET andT theyT achievedT aboutT 33%,T 14%,T andT 5%T respectively.T TheT authorsT ofT thisT paperT claimedT thisT techniqueT (FCVAPT)T toT beT bestT forT identifyingT theT threadsT onT webapplications.
DanialJavaheriT [19]T etT al.T suggestedT aT methodT toT escapeT fromT malwareT threads,T byT takingT intoT considerationT theT behaviorT ofT malware.T TheT techniqueT proposedT inT thisT paperT identifiesT theT incidentT periodT ofT TrojanT atT userT levelT andT kernelT levelT ofT OS,T byT clearingT theT storageT spaceT ofT effectedT malwareT onT rightT timeT andT particularT hookT installing.T TheT authorsT aimT toT provideT anT effectiveT techniqueT forT theT identificationT ofT malwareT behaviorT byT usingT theT metamorphicT engine,T packerT andT protectorT tools.T TheseT toolsT makeT decisionsT onT obfuscationT andT metamorphosisT situationT causedT bymalwares.
KamalakantaSethiT [20]T etT alT designedT aT structureT forT theT identificationT andT classificationT ofT variousT maliciousT filesT withT theT extensionT likeT exe,T php,T pdf,T etc.T InT thisT article,T theT researchersT usedT aT two-levelT classifierT calledT MacroT andT Micro.T TheT MacroT helpsT toT identifyT theT malwareT andT MicroT helpsT toT classifyT theT malwaresT likeT spyware,T Trojan,T adware,T andT soT on.T ThisT methodT makesT aT staticT asT wellT asT dynamicT enquiryT andT createsT reportT byT executingT theT dataT presentT inT theT virtualT environmentT withT theT helpT ofT CuckooT SandboxT technique.T TheyT alsoT includeT aT moduleT forT theT extractionT ofT feature,T whichT worksT basedT onT theT reportT createdT byT theT CuckooT Sandbox.T Here,T theyT usedT WekaT frameworkT forT theT developmentT ofT machineT learningT modelsT byT includingT theT datasetT usedT forT theT trainingT process.
ImansharafaldinT [21]T etT al.T proposedT aT systemT calledBotVizT forT theT classificationT ofT malwareT withT theT supportT ofT dataT collectedT onT analysisT ofT forensicsT andT theT domainT generationT algorithmT detector.
TheirT systemT worksT basedT onT theT techniquesT ofT
machineT learningT andT theT performanceT ofT theirT systemT isT calculatedT byT usingT aT liveT Zeusbotnet.ST SaibharathT [22]T etT al.T hasT proposedT theT implementationT ofT aT webT softwareT toolT forT cloudT forensics.T ItT helpsT inT dataT collectionT andT renderingT mechanismT forT cloudT environment.T ThisT mechanismT isT implementedT throughT HadoopT usingT strutsT 2.0T MVCT framework.T ItT makesT useT ofT clusteringT forT preprocessingT ofT evidenceT files.T CrossT driveT analysisT isT alsoT performedT betweenT drivesT usingT correlationfunction.
III.T FRAMEWORK COMPARISON
[image:3.595.302.553.322.758.2]InT TableT 1,T aT comparisonT ofT differentT frameworksT forT digitalT andT cloudT forensicsT makingT useT ofT machineT learningT approachesT isT discussed.T FromT theT comparativeT analysis,T illustratedT inT TableT 1,T mostT ofT theT frameworksT andT methodologiesT usedT forT cloudT forensicsT makeT useT ofT differentT machineT learningT approachesT forT forensicsT analysisT purpose.T TheT tableT alsoT showsT theT challenges and solutions provided by various frameworkdiscussed.
Table. 1 Digital and cloud forensics methodologies
Name of Author
Objective Tech nique used
Solutions Challenges
SuchanaDatta, PalashSantra, Koushikand Debashish De(2018) To mitigate the overhea d of probing each and every IP address while forensic investiga ti on. Boost ing Proposed a model ‘Cloud MaliciousActor Identifier’ to rank malicious
actors for a particular crime
scene on the basis of probabilityof beingmalicious usingboosting To increase the accuracy of proposed model using other classificatio n methods J.K. Alhassan, Sanjay Misra, A. Umar, RytisMaskeliū nas , RobertasDama
ševiči us, and AdewoleAdew umi.(2 018) To provide security to sensitive data/info rmation in web applicati on s. Fuzzy Classi ficati on Proposed a Fuzzy Classifier-based Vulnerability and Assessment Testing (FCVAPT) model. It provides penetration testing for web
applications. This model detects vulnerability for web applications and penetration levels for recognized cases. So, it could be further extended for other types of applications. DanialJavaher
i and Mehdi Hosseinzade h(2018) Establish ment of an efficient platform for detection and analysis of novel malware s. Mem ory dump ing and hook install ing Proposed an efficient platform for detection and analysis ofnovel malwares. It identifies malware behavior by using metamorphic engine, packer To improve success rate for identificatio
Cloud Forensic Frameworks based on Machine Learning Techniques
IV. PROPOSED METHOLOGY
InT thisT sectionT weT presentT ourT proposedT methodT forT classifyingT andT detectingT maliciousT hostsT inT cloudT environment.T TheT mainT challengeT isT thatT weT tryT toT analyzeT theT identificationT ofT hostT whichT isT providingT maliciousT dataT toT theT usersT inT theT cloud.T So,T weT presentT aT frameworkT forT identifyingT theseT maliciousT hostsT byT firstT extractingT featuresT fromT theT hostT listT byT applyingT aT featureT extractionT algorithm.T TheT extractedT featuresT helpT toT classifyT theT differentT maliciousT host.T ThenT finally,T weT willT classifyT theseT hostsT asT maliciousT orT non-maliciousT byT usingT ArtificialT NeuralT Networks(ANNs).
DataT collectionT phase:T InT thisT phase,T theT dataT thatT areT neededT forT theT processT willT beT collected.T AnalysingT andT collectingT dataT inT theT cloudT isT oneT ofT theT challengingT tasks.T TheseT dataT includeT bothT normalT andT maliciousT hostT list.T TheT collectedT dataT willT beT usedT forT extractingT theT features.
Analysis Phase: In this phase, the extracted features of the host list will be used training the machine and then testing. In this phase will Artificial Neural Networks for the purpose of classification of a host as malicious or non- malicious.
V. CONCLUSION
AlthoughT cloudT computingT haveT manyT advantagesT butT thereT areT lotT ofT securityT issuesT accompaniedT withT itT dueT toT incorporationT ofT variousT technologiesT [12].T InT thisT paper,T aT detailedT presentT viewT ofT differentT cloudT forensicT frameworksT hasT beenT presented.T WeT haveT presentedT variousT methodologiesT forT dealingT withT cloudT forensics.T AnT extendedT discussionT isT alsoT givenT regardingT theT solutionsT andT challengesT providedT byT theT variousdiscussedMethodologies.T AT greaterT emphasizesT isT laidT onT frameworksT makingT useT ofT differentT machineT learningT approachesT forT forensicT investigation.T ThisT reviewT providesT aT directionT toT researchersT byT identifyingT
theT variousT challengesT inT theT cloudT forensicT analysisT andT presentingT effortsT whichT haveT alreadyT beenT conductedT inT thisT field.T OurT mainT goalT isT bringT forwardT aT newT solutionT frameworkT forT identifyingT maliciousT hostT cloudT environmentT usingT approachT ofT machineT learning,T inT orderT toT improveT precisionT andT minimizeT theT amountT ofT timeT requiredT forT analysispurpose.
REFERENCES
1. ChristosT Sgaras,T M-TaharKechadi,T andT Nhien-AnT Le-Khac.T
"ForensicsT acquisitionT andT analysisT ofT instantT messagingT andT
VoIPT applications."T InT ComputationalT forensics,T pp.T 188-199.T
Springer,T Cham,2015.
2. SulemanT Khan,T AbdullahT Gani,T AinuddinT WahidT AbdulT Wahab,T
andT MustaphaT AminuBagiwa.T "SIDNFF:T SourceT identificationT
networkT forensicsT frameworkT forT cloudT computing."T InT ConsumerT
Electronics-T TaiwanT (ICCE-TW),T 2015T IEEET InternationalT
ConferenceT on,T pp.T 418-419.T IEEE,2015.
3. Li,T Jin,T XiaofengT Chen,T QiongT Huang,T andT DuncanT S.T Wong.T
"DigitalT provenance:T EnablingT secureT dataT forensicsT inT cloudT
computing."T FutureT GenerationT ComputerT SystemsT 37T (2014):T
pp.259-266.
4. Alluri,T BKSPT KumarT Raju,T andT G.T Geethakumari.T "AT digitalT
forensicT modelT forT introspectionT ofT virtualT machinesT inT cloudT
computing."T InT
SignalProcessing,Informatics,CommunicationandEnergySystemsT
(SPICES),T 2015T IEEET InternationalT ConferenceT on,T pp.T 1-5.T
IEEE,T 2015.
5. Zawoad,T Shams,T RagibHasan,T andT AnthonyT Skjellum.T "OCF:T anT
openT cloudT forensicsT modelT forT reliableT digitalT forensics."T InT
CloudT ComputingT (CLOUD),T 2015T IEEET 8thT InternationalT
ConferenceT on,T pp.T 437-444.T IEEE,2015
6. Rani,T DeeviRadha,T andT G.T Geethakumari.T "AnT efficientT approachT
toT forensicT investigationT inT cloudT usingT VMT snapshots."T InT
PervasiveT ComputingT (ICPC),T 2015T InternationalT ConferenceT on,T
pp.T 1-5.T IEEE,T 2015.
7. Perumal,T Sundresan,T NoritaMdNorwawi,T andT ValliappanT Raman.T
"InternetT ofT ThingsT (IoT)T digitalT forensicT investigationT model:T
Top-T downT forensicT approachT methodology."T InT DigitalT
InformationT ProcessingT andT CommunicationsT (ICDIPC),T 2015T
FifthT InternationalT ConferenceT on,T pp.T 19-23.T IEEE,2015.
8. Samy,T GanthanNarayana,T BharanidharanShanmugam,T
NurazeanMaarop,T PritheegaMagalingam,T SundresanPerumal,T andT
SameerT HasanAlbakri.T "DigitalT ForensicT ChallengesT inT theT CloudT
ComputingT Environment."T InT InternationalT ConferenceT ofT ReliableT
InformationT
andCommunicationTechnology,pp.669-676.Springer,Cham,2017.
9. Meera,T G.,T BKSPT KumarT RajuAlluri,T DigambarPowar,T andT G.T
Geethakumari.T "AT strategyT forT enablingT forensicT investigationT inT
cloudT IaaS."T InT Electrical,T ComputerT andT CommunicationT
TechnologiesT (ICECCT),T 2015T IEEET InternationalT ConferenceT on,T
pp.T 1-5.T IEEE,2015.
10.Alqahtany,T Saad,T NathanT Clarke,T StevenT Furnell,T andT ChristophT
Reich.T "AT forensicT acquisitionT basedT uponT aT clusterT analysisT ofT
non-T volatileT memoryT inT IaaS."T InT Anti-CyberT CrimesT (ICACC),T
2017T 2ndT InternationalT ConferenceT on,T pp.T 123-128.T IEEE,2017.
11.Kebande,T VictorT R.,T andT IndrakshiT Ray.T "AT genericT digitalT
forensicT investigationT frameworkT forT internetT ofT thingsT (iot)."T InT
FutureT InternetT ofT ThingsT andT CloudT (FiCloud),T 2016T IEEET 4thT
InternationalT ConferenceT on,T pp.T 356-362.T IEEE,2016.
12.Spiekermann,T Daniel,T TobiasT Eggendorfer,T andT JörgT Keller.T
"UsingT networkT dataT toT improveT digitalT investigationT inT cloudT
computingT environments."T InT HighT PerformanceT ComputingT &T
SimulationT (HPCS),T 2015T InternationalT ConferenceT on,T pp.98-105.T
IEEE,T 2015.
13.ShravanaKC.ArtificialIntelligenceinForensicScience.ForensicSciT AddT
Res.T 2(5).FSAR.000554.2018
and protector tools.
Kamalakant To provide Weka Proposed an To increase ha Sethi, a frame intelligent the number Shankar framework work framework for datasets to Kumar for and identification improve Chaudhary, detection Cuck and accuracy of
Bata of malware oo classification of results as Krishan using sandb malware. It only 220 Tripathy, machine ox makes use of datasets and learning micro and macro were used in Padmalocha approach. models this
n Bera developed using framework. (2018) Weka for
identification of malwares and Cuckoo sandbox
for analysis.
S. To provide Clust Implemented a To improve Saibharath a web ering framework for accuracy
and software and data collection and time for Geethakuma tool for cross and rendering in analysis.
ri G. (2015) cloud drive cloud forensics. analy environment that
sis makes use of using clustering for correl pre-processing
ation evidence files. functi
International Journal of Innovative Technology and Exploring Engineering (IJITEE) ISSN: 2278-3075, Volume-8 Issue-8S3, June 2019
14.P.T BhattT andT P.H.T Rughani.T “MachineT learningT forensics:T aT newT
branchT ofT digitalT forensics”.T InT InternationalT JournalT ofT
AdvancedT ResearchT inT ComputerT Science,T ISSNT No.T 0976-5697
15. N.C.C.T F.T S.T W.T Group,T NISTT cloudT computingT forensicT
scienceT challenges.T DraftT NISTIRT 8006,2014.
16.MellP,GranceT.TheNISTdefinitionofcloudcomputing,NISTT specialT
publicationT .T Gaithersburg2011.
17.Datta,Suchana,PalashSantra,KoushikMajumder,andDebashisDe.T "AnT
AutomatedT MaliciousT HostT RecognitionT ModelT inT CloudT
Forensics."T InT NetworkingT CommunicationT andT DataT KnowledgeT
Engineering,T pp.T 61-71.T Springer,T Singapore,2018.
18.Alhassan,T J.T K.,T SanjayT Misra,T A.T Umar,T RytisMaskeliūnas,T
RobertasDamaševičius,T andT AdewoleAdewumi.T "AT FuzzyT
Classifier-BasedT PenetrationT TestingT forT WebT Applications."T InT
InternationalT ConferenceT onT InformationT TheoreticT Security,T pp.T
95-104.T Springer,T Cham,2018.
19.Javaheri,T Danial,T andT MehdiT Hosseinzadeh.T "AT FrameworkT forT
RecognitionandConfrontingofObfuscatedMalwaresBasedonT MemoryT
DumpingT andT FilterT Drivers."T WirelessT PersonalT CommunicationsT
98,T no.T 1T (2018):119-137.
20.Sethi,T Kamalakanta,T ShankarT KumarT Chaudhary,T BataT
KrishanTripathy,T andT PadmalochanBera.T "AT NovelT MalwareT
AnalysisT FrameworkT forT MalwareT DetectionT andT ClassificationT
usingT MachineT LearningT Approach."T InT ProceedingsT ofT theT 19thT
InternationalT ConferenceT onT DistributedT ComputingT andT
Networking,T p.T 49.T ACM,T 2018
21.Sharafaldin,T Iman,T AmirhosseinGharib,T ArashHabibiLashkari,T andT
AliT A.T Ghorbani.T "BotViz:T AT memoryT forensic-basedT botnetT
detectionT andT visualizationT approach."T InT SecurityT TechnologyT
(ICCST),T 2017T InternationalT CarnahanT ConferenceT on,T pp.T 1-8.T
IEEE,2017.
22.SaibharathT S,T GeethakumariT GT “CloudT Forensics:T EvidenceT
