Forensic analysis in the cloud: current state, technical obstacles & challenges


This item is provided by the institution :
International Hellenic University
Repository :
IHU Repository
see item page
in the web site of the repository *

Semantic enrichment/homogenization by EKT

2017 (EN)
Forensic analysis in the cloud: current state, technical obstacles & challenges (EN)

Patsarikas, Andreas (EN)

School of Science and Technology, MSc in Communications and Cybersecurity (EL)
Papathanasiou, Anastasios (EN)
Kotsia, Eirini (EN)

Cloud is a new challenge which must be faced by forensic investigators. There are various types of cloud services, with each type having a different potential use in criminal activity. The difficulty lies in identifying and acquiring (or retaining) potential data when disparate services are used. The communication and cooperation with the service providers, for retrieving the stored files, is a time consuming process. For this reason, investigators must know where are the application data locally stored. There is a need for a framework of digital forensic investigations that is adapted to the requirements and special features of these services. In this thesis, we are proposing a framework based on existing methodologies. By using popular cloud services like Box, we will apply the proposed framework of forensic investigation on a computer with Windows 7. We will examine a variety of scenarios, including a number of file handling methods and access to this service. This research contributes to a better understanding of the artifacts that are likely to be encountered by investigators at the identification stage, by defining the data remnants in the computer system. Such possible sources of information are the application files, the browser history and RAM. Despite the fact that the use and sharing of software, hosted on the Internet, is the next step in exploitation of World Wide Web, it could be a challenge for the researchers of digital forensics. The dependency of individuals and businesses from various providers of cloud services (SaaS, PaaS, IaaS), may hinder the procedure of forensic investigations.


Διεθνές Πανεπιστήμιο της Ελλάδος (EL)
International Hellenic University (EN)


School of Science and Technology (EN)

*Institutions are responsible for keeping their URLs functional (digital file, item page in repository site)