CeFF: A Frameword for Forensics Enabled Cloud Investigation

MPhil Thesis

Pramanik, Md Abdul 2017. CeFF: A Frameword for Forensics Enabled Cloud Investigation. MPhil Thesis University of East London School of Architecture, Computing and Engineering https://doi.org/10.15123/PUB.8080
AuthorsPramanik, Md Abdul
TypeMPhil Thesis

Today, cloud computing has developed a transformative model for the organization, business, governments that brings huge potentials and turn into popular for pay as you go, on-demand service, scalability and efficient services. However, cloud computing has made the concern for forensic data because of the architecture of cloud system is not measured appropriately. Due to the distributed nature of the cloud system, many aspects relating to the forensic investigation such as data collection, data storage, crime target, data violation are difficult to achieve. Investigating the incidents in the cloud environment is a challenging task because the forensics investigator still needs to relay on the third party such as cloud service provider for performing their investigation tasks. It makes the overall forensic process difficult to complete with a duration and presented it to the court. Recently, there are some cloud forensics studies to address the challenges such as evidence collection, data acquisition, identifying the incidents and so on. However, still, there is a research gap in terms of consistency of analysing forensic evidence from distributed environment and methodology to analyse the forensic data in the cloud.
This thesis contributes towards the direction of addressing the research gaps. In particular, this work proposes a forensic investigation framework CeFF: A framework for forensics enabled cloud investigation to investigate evidence in the cloud computing environment. The framework includes a set of concepts from organisational, technical and legal perspectives, which gives a holistic view of analysing cybercrime from organisation context where the crime has occurred through technical context and legal impact. The CeFF also includes a systematic process that uses the concept for performing the investigation. The cloud-enabled forensics framework meets all the forensics related requirement such as data collection, examination, presents the report, and identifies the potential risks that can consider while investigating the evidence in the cloud-computing environment. Finally, the proposed CeFF is applied to a real-life example to validate its applicability. The result shows that CeFF supports analysing the forensic data for a crime occurred in cloud-based system in a systematic way.

Digital Object Identifier (DOI)https://doi.org/10.15123/PUB.8080
Publication dates
Online15 Mar 2019
Publication process dates
Deposited15 Mar 2019
SubmittedAug 2017
Publisher's version
Permalink -


Download files

  • 137
    total views
  • 207
    total downloads
  • 0
    views this month
  • 2
    downloads this month

Export as