A Cloud Forensics Method Based on SDS and Cloud Forensics Trend Analysis

Liu Xuehua; Ding Liping; Liu Wenmao; Zheng Tao; Li Yanfeng; Wu Jingzheng

doi:10.7544/issn1000-1239.2019.20190394

Journal of Computer Research and Development > 2019 > 56(10): 2262-2276. > DOI: 10.7544/issn1000-1239.2019.20190394 CSTR: 32373.14.issn1000-1239.2019.20190394

Liu Xuehua, Ding Liping, Liu Wenmao, Zheng Tao, Li Yanfeng, Wu Jingzheng. A Cloud Forensics Method Based on SDS and Cloud Forensics Trend Analysis[J]. Journal of Computer Research and Development, 2019, 56(10): 2262-2276. DOI: 10.7544/issn1000-1239.2019.20190394

Citation:

PDF (1654 KB)

A Cloud Forensics Method Based on SDS and Cloud Forensics Trend Analysis

¹(Laboratory of Parallel Software and Computational Science, Institute of Software, Chinese Academy of Sciences, Beijing 100190)
²(School of Computer Science and Technology, University of Chinese Academy of Sciences, Beijing 100049)
³(Digital Forensics Laboratory, Institute of Software Application Technology, Guangzhou and Chinese Academy of Sciences, Guangzhou 511458)
⁴(Guangdong Chinese Academy of Sciences & Realdata Science and Technology Company Limited, Guangzhou 511458)
⁵(NSFOCUS Information Technology Company Limited, Beijing 100089)
⁶(China United Network Communications Corporation Limited, Beijing 100033)
⁷(Intelligent Software Research Center, Institute of Software, Chinese Academy of Sciences, Beijing 100190)

More Information

Published Date: September 30, 2019

Graphical Abstract

Abstract

Abstract

With the development and popularization of cloud computing, the security situation of cloud computing environment is getting worse. Cloud forensics is of great significance for safeguarding the cloud computing security. The current cloud forensics technology research is at an early stage, and cloud forensics is faced with problems such as lack of digital evidence integrity, high forensics overhead and low intelligence. Therefore, an intelligent cloud forensics method based on SDS (software defined security) and cloud forensics trend analysis is proposed to mitigate some of these problems. Firstly, a cloud forensics architecture based on software defined security is proposed to realize collaborative real-time forensics between cloud network and cloud computing platform. Secondly, a cloud forensics trend analysis algorithm based on the HMM (hidden Markov model) is proposed to realize intelligent forensics strategy decision-making and forensics resource scheduling in the cloud forensics architecture. The experimental results show that, compared with the separate network forensics method and cloud computing platform forensics method, the forensics capacity of this method increases to 91.6%, and the forensics overhead of this method is in between, achieving a better effect between forensics capability and forensics overhead. This method has some referential significance for cloud service providers to provide cloud forensics service.
- cloud computing,
- cloud forensics,
- digital forensics,
- software defined security (SDS),
- hidden Markov model (HMM),
- cloud forensics trend

FullText(HTML)

References (0)

[1]	Cui Chaoyuan, Li Yonggang, Wu Yun, Wang Licheng. A Memory Forensic Method Based on Hidden Event Trigger Mechanism[J]. Journal of Computer Research and Development, 2018, 55(10): 2278-2290. DOI: 10.7544/issn1000-1239.2018.20180405
[2]	Yi Peng, Zhou Qiao, Men Haosong. Dynamic Social Network Community Detection Algorithm Based on Hidden Markov Model[J]. Journal of Computer Research and Development, 2017, 54(11): 2611-2619. DOI: 10.7544/issn1000-1239.2017.20160741
[3]	Tang Wanning, Wang Mingwen, Wan Jianyi. Markov Network Retrieval Model Based on Document Cliques[J]. Journal of Computer Research and Development, 2014, 51(10): 2248-2254. DOI: 10.7544/issn1000-1239.2014.20130343
[4]	Jiang Changhao, Zhang Min, Gao Bin, Liu Yiqun, Ma Shaoping. Advertiser Status Modeling in Sponsored Search[J]. Journal of Computer Research and Development, 2013, 50(12): 2621-2628.
[5]	Wu Caihua, Liu Juntao, Peng Shirui, Li Haihong. Deriving Markov Chain Usage Model from UML Model[J]. Journal of Computer Research and Development, 2012, 49(8): 1811-1819.
[6]	Zhang Zhan, Liu Guangjie, Dai Yuewei, Wang Zhiquan. A Self-Adaptive Image Steganography Algorithm Based on Cover-Coding and Markov Model[J]. Journal of Computer Research and Development, 2012, 49(8): 1668-1675.
[7]	Dong Hao, Liu Yuanning, Zhang Hao, Wang Gang. A Method of RNA Secondary Structure Prediction Based on Hidden Markov Model[J]. Journal of Computer Research and Development, 2012, 49(4): 812-817.
[8]	Zhao Jing, Huang Houkuan, and Tian Shengfeng. Protocol Anomaly Detection Based on Hidden Markov Model[J]. Journal of Computer Research and Development, 2010, 47(4): 621-627.
[9]	Wang Junwen, Liu Guangjie, Dai Yuewei, Zhang Zhan, and Wang Zhiquan. Image Forensics for Blur Detection Based on Nonsubsampled Contourlet Transform[J]. Journal of Computer Research and Development, 2009, 46(9): 1549-1555.
[10]	Duan Jiangjiao, Xue Yongsheng, Lin Ziyu, Wang Wei, Shi Baile. A Novel Hidden Markov Model-Based Hierarchical Time-Series Clustering Algorithm[J]. Journal of Computer Research and Development, 2006, 43(1): 61-67.

Cited By

Cited by

Periodical cited type(8)

1.	刘杨，汪伦，沈鑫. 基于SDN服务链安全资源池的园区网出口方案设计. 现代信息科技. 2025(01): 115-119 .
2.	张正昌. 云取证的学理反思与制度调适. 财经法学. 2025(02): 174-189 .
3.	陈培欣，罗志娟. 基于区块链的云取证方案. 网络安全技术与应用. 2024(03): 124-126 .
4.	丁丽萍，杜漠，黄昭颖，肖炯恩. 基于人工智能与区块链技术融合的端到云智慧执法平台. 警察技术. 2022(01): 62-69 .
5.	吕锋. 云平台下入侵人员位置实时监测方法研究. 计算技术与自动化. 2022(02): 29-33 .
6.	陈葳葳，曹利，顾翔. 基于区块链的车联网电子取证模型. 计算机应用. 2021(07): 1989-1995 .
7.	唐寅，何嘉. 基于软件定义的安全功能服务链部署方法. 计算机工程与设计. 2021(11): 3052-3058 .
8.	李嘉鑫，马征兆，张叶舟，唐远新，翟继强. 基于云取证的轻量级虚拟机监视器设计. 计算机与网络. 2020(23): 61-64 .