Description

To reduce the risk of digital forensic evidence being called into question in judicial proceedings, it is important to have a rigorous methodology and set of procedures for conducting digital forensic investigations and examinations. Digital forensic investigation in the cloud computing environment, however, is in infancy due to the comparatively recent prevalence of cloud computing.

Cloud Storage Forensics presents the first evidence-based cloud forensic framework. Using three popular cloud storage services and one private cloud storage service as case studies, the authors show you how their framework can be used to undertake research into the data remnants on both cloud storage servers and client devices when a user undertakes a variety of methods to store, upload, and access data in the cloud. By determining the data remnants on client devices, you gain a better understanding of the types of terrestrial artifacts that are likely to remain at the Identification stage of an investigation. Once it is determined that a cloud storage service account has potential evidence of relevance to an investigation, you can communicate this to legal liaison points within service providers to enable them to respond and secure evidence in a timely manner.

Key Features

  • Learn to use the methodology and tools from the first evidenced-based cloud forensic framework
  • Case studies provide detailed tools for analysis of cloud storage devices using popular cloud storage services
  • Includes coverage of the legal implications of cloud storage forensic investigations
  • Discussion of the future evolution of cloud storage and its impact on digital forensics

Readership

Information Security professionals of all levels, digital forensic and e-discovery researchers and practitioners, law enforcement agencies, and an academic audience among postgraduate and undergraduate students studying digital forensics and e-discovery.

Table of Contents

Dedication

Acknowledgments

About the Authors

Forewords

Chapter 1. Introduction

Information in this chapter

Introduction

Structure of book and contributions to knowledge

References

Chapter 2. Cloud Storage Forensic Framework

Information in this chapter

Introduction

Cloud (storage) forensic framework

Framework summary

References

Chapter 3. Microsoft SkyDrive Cloud Storage Forensic Analysis

Information in this chapter

Introduction

SkyDrive forensics: Windows 7 PC

SkyDrive forensics: Apple iPhone 3G

Case study

Conclusion

References

Chapter 4. Dropbox Analysis: Data Remnants on User Machines

Information in this chapter

Introduction

Dropbox forensics: Windows 7 PC

Dropbox forensics: Apple iPhone 3G

Case study

Conclusion

References

Chapter 5. Google Drive: Forensic Analysis of Cloud Storage Data Remnants

Information in this chapter

Introduction

Google drive forensics: Windows 7 PC

Google drive forensics: Apple iPhone 3G

Google drive case study

Conclusion

Summary of Microsoft SkyDrive, Dropbox, and Google Drive findings

References

Appendix A

Chapter 6. Open Source Cloud Storage Forensics: ownCloud as a Case Study

Information in this chapter

Introduction

Experiment setup

Findings

Conclusion

References

Chapter 7. Forensic Collection of Cloud Storage Data: Does the Act of Collection Result in Changes to the Data or its Metadata?

Information in this chapter

Introduction

Cloud storage providers

Data collection via Internet access to a user account

Research findings: discussion

Conclusion

References

Chapter 8. Conclusion and Future Work<

Details

No. of pages:
208
Language:
English
Copyright:
© 2014
Published:
Imprint:
Syngress
Print ISBN:
9780124199705
Electronic ISBN:
9780124199910

Reviews

"The authors discuss the challenges that the use of cloud computing presents for investigators, and propose a framework to support forensic investigations that involve cloud storage…This is a good, concise work on a subject of growing importance."--Computing Reviews,July 21 2014

"...excellently written and categorized for each facet of forensics and security issues...Rarely is a book a valuable addition to your collection from both research and industrial perspectives."--Computing Reviews,July 23 2014